The page may not load correctly.
June 3, 2019
In the past month, Android devices were once again targeted by malicious programs distributed via Google Play. The list contained the Android.HiddenAds adware trojans as well as the Android.SmsSpy spyware that intercepted text messages.
The malware detected in May included spyware trojans from the Android.SmsSpy family, Android.SmsSpy.10206 and Android.SmsSpy.10263. They were distributed via Google Play under the guise of banking software.
After installation and launch, these malicious programs attempted to assign themselves as the default SMS manager, requesting permission from the user. If permission was granted, Android.SmsSpy.10206 and Android.SmsSpy.10263 began intercepting all incoming text messages and transferring them to the attacker's server.
Specific features of the malware:
In early May, Doctor Web analysts discovered the Android.HiddenAds.1396 trojan on Google Play, which was distributed as an audio player.
The malicious program did allow users to listen to music, but then hid its icon after the first launch, preventing users from launching it again. Android.HiddenAds.1396 displayed obnoxious advertising banners that made it difficult to work with the infected mobile device.
New malicious and unwanted applications keep appearing on Google Play. Doctor Web recommends Android device owners to install Dr.Web for Android to protect themselves.