Compared to last December, the number of threats detected on Android devices decreased by 12.98% in January. One of the most active were trojans designed to download and execute additional malicious components and run arbitrary code. The share of unwanted software dropped by 11.37% as well, with spying and monitoring apps topping the list. Tools that allow Android applications to run without installation were among the most common potentially dangerous software detected.

Our malware analysts also discovered new modifications of the Android.Joker trojan family spread via Google Play.

PRINCIPAL THRENDS IN JANUARY

A decrease in the number of threats detected on Android devices
Discovery of new threats on Google Play

According to statistics collected by Dr.Web for Android

Android.RemoteCode.246.origin
Android.RemoteCode.256.origin: Malicious applications that download and execute arbitrary code.
Android.Triada.491.origin: A multi-functional trojan that performs various malicious actions.
Android.MobiDash.4074: A trojan that displays obnoxious ads.
Android.Backdoor.719.origin: A trojan that executes cybercriminal commands and helps them control infected mobile devices.

Program.FakeAntiVirus.2.origin: Detects adware that imitates anti-virus software.
Program.MonitorMinor.1.origin
Program.MobileTool.2.origin
Program.FreeAndroidSpy.1.origin
Program.Mrecorder.1.origin: Spyware that monitors Android user activity and may serve as a tool for cyber espionage.

Tool.SilentInstaller.6.origin
Tool.SilentInstaller.7.origin
Tool.SilentInstaller.11.origin
Tool.VirtualApk.1.origin: Riskware platforms that allow applications to launch APK files without installation.
Tool.Rooter.3: A utility designed to obtain root privileges on Android devices. It may be used by cybercriminals and malware.

Program modules incorporated into Android applications and designed to display obnoxious ads on Android devices:

Adware.Mobby.5.origin
Adware.Myteam.2.origin
Adware.Adpush.6547
Adware.Toofan.1.origin
Adware.Zeus.1

Trojans on Google Play

In January, Doctor Web specialists discovered new modifications of the Android.Joker trojan family. As before, malicious actors spread them disguised as harmless software such as online messengers, camera apps, images editors, wallpaper collections and others. These trojans automatically subscribe users to paid services and are capable of downloading and launching additional malicious components, along with running arbitrary code.

To protect your Android device from malware and unwanted programs, we recommend installing Dr.Web for Android.

Your Android needs protection.

Use Dr.Web

The first Russian anti-virus for Android
Over 140 million downloads—just from Google Play
Available free of charge for users of Dr.Web home products

Free download

— The Russian developer of Dr.Web anti-viruses

— Doctor Web has been developing anti-virus software since 1992

— Dr.Web is trusted by users around the world in 200+ countries

— The company has delivered an anti-virus as a service since 2007

— 24/7 tech support

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125124

Doctor Web in social networks

Link accounts

For Telegram

Self-support