The page may not load correctly.
June 14, 2023
The number of user requests to decrypt files affected by encoder trojans decreased by 13.75%, compared to the previous month. Victims of encoder trojans were once again most frequently targeted by Trojan.Encoder.26996, Trojan.Encoder.3953, and Trojan.Encoder.35534 ransomware.
Over the course of April, a large number of threats were discovered on Google Play. Among them were trojans from the Android.FakeApp family, which are used in fraudulent schemes, and a malicious app from the Android.Joker family that subscribed victims to paid services.
The most common threats of the month:
In April, the number of requests to decrypt files damaged by encoder trojans decreased by 13.75%, compared to March.
The most common encoders of April:
In April, Internet fraudsters kept trying to lure users to phishing websites such as fake versions of online stores. For Russian users, attackers again organized spam campaigns with emails offering fake discount coupons that were allegedly from the M.Video store.
To “purchase” products they liked, visitors to these sites had to provide personal information and bankcard data. In reality though, the victims of this scheme only exposed their personal information to the fraudsters and risked losing money by “paying” for goods that did not exist.
Below is an example of a spam email. It contains fake information about a discount-related promo code and a link to a copycat website of the store:
Examples of pages of a phishing site that simulates the look of the real online store’s website are shown below. Visitors are asked to provide personal information and “pay” for the order.
According to the detection statistics collected by Dr.Web for Android, in April, adware trojans were again among the most widespread Android threats. Compared to March, users were attacked by ransomware and banking trojans more often. At the same time, the activity of spyware trojans decreased.
During April, other threats were detected on Google Play. Among them were fake programs from the Android.FakeApp family, which are used in various fraudulent schemes, and a member of the Android.Joker trojan family that subscribed victims to paid services.
The following April events involving mobile malware are the most noteworthy:
Find out more about security threat landscape for mobile devices in April in our special overview.