My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


June 2016 mobile malware review from Doctor Web

June 30, 2016

In June, Doctor Web security researchers detected several malicious applications on Google Play store. One of them was designed to steal login credentials for VK user profiles; and the other—to load suspicious websites as advertising banners in order to get users’ mobile phone number and subscribe them to chargeable services.


  • Detection of a Trojan that steals logins and passwords from VK user profiles
  • Detection of a Trojan that opens suspicious websites as advertisements on Google Play

Mobile threat of the month

Although Google Play is still considered to be the most secure Android app store, from time to time, attackers try to spoil its reputation by spreading their malicious programs via this catalog. This month, Doctor Web specialists detected a group of Android applications that were found to contain Android.Valeriy.1.origin. This Trojan is able to redirect to dubious websites and display them as advertisements in order to get their mobile phone number and subscribe them to chargeable services. Then a certain subscription fee is written off from the user’s mobile account every day. At that, Android.Valeriy.1.origin intercepted all SMS messages informing the user about the subscription. The Trojan can also download malicious programs and execute JavaScript scripts.

Android.Valeriy.1.origin #drweb Android.Valeriy.1.origin #drweb

More information about Android.Valeriy.1.origin can be found in the corresponding review published by Doctor Web.

According to statistics collected by Dr.Web for Android

According to statistics collected by Dr.Web for Android #drweb

According to statistics collected by Dr.Web for Android #drweb

An unwanted program module that is incorporated into the Android applications and is responsible for advertising on mobile devices.

Trojans on Google Play

Apart from Android.Valeriy.1.origin, another Trojan was found in Google Play—Android.PWS.Vk.3. This Trojan was represented as a media player for VK music. It prompted the user to enter their login and password for the VK user account and then covertly sent this private information to cybercriminals.

screen Android.PWS.Vk.3 #drweb screen Android.PWS.Vk.3 #drweb

For more information about Android.PWS.Vk.3, refer to the news article published by Doctor Web.

Doctor Web strongly advises users to install only official applications and protect their devices with anti-virus software.

Protect your Android device with Dr.Web now

Buy online Buy on Google Play Free download

© Doctor Web
2003 — 2022

Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies