Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

April 2015 Android malware review from Doctor Web

April 30, 2015

PRINCIPAL TRENDS IN APRIL

  • Distribution of Android.Toorch.1.origin, which is a very dangerous Trojan and is able to get root access for hidden installation and removal of various applications.
  • Detection of applications with aggressive advertising module on Google Play.
  • High activity of banking Trojans.

Number of entries for malicious and unwanted software targeting Android OS in Dr.Web virus database

March 2015April 2015Growth
71037971+12,22%

Mobile threat of the month

Last month Doctor Web security researches examined Android.Toorch.1.origin, which is a dangerous Trojan and is able to stealthily download, install, and remove applications, as well as display annoying advertisements on the screen of infected devices. Trojan's features are as follows:

screen

If Android.Toorch.1.origin is detected on a mobile device, we strongly recommend to run a full scan of the system by Dr.Web for Android in order to detect all additional modules of the Trojan. To permanently delete all modules installed by the malware, download and install the tool specially designed by Doctor Web experts. Once installation is complete, start the tool and follow the steps displayed on the screen. Find out more about the Trojan in this news item.

In April, applications containing aggressive advertising modules, including Adware.MobiDash.2.origin, were detected on Google Play. Doctor Web security researched discovered several suchlike applications; at that, the total number of downloads was more than 2,500,000. Adware.MobiDash.2.origin is used by free software developers to monetize the application and, thus, displays various advertisements. The application can execute the following unwanted actions:

screen screen

The number of entries for adware in Dr.Web virus database:

March 2015April 2015Growth
123144+17,1%

Banking Trojans

April was marked by high activity of banking Trojans targeting Android mobile devices and posing a threat to users worldwide. In particular, cybercriminals used SMS spam messages to distribute a banking Trojan in South Korea. The messages contained a link to download one or another malicious application. Doctor Web security researchers registered more than 80 spam mailings; at that, cybercriminals used the following topics for the messages:

screen

Malicious applications that performed the attacks

screen

Last month security researchers also registered high activity of Android.BankBot-family banking Trojans, which target customers of credit organizations worldwide. At the beginning of the month, the cybercriminals got arrested; however, distribution of this malware continues by other virus makers.

The number of entries for Android.BankBot Trojans in Dr.Web virus database:

March 2015April 2015Growth
94110+17,02%

Many of Android.BankBot Trojans can both automatically steal money from users' accounts and block operation of popular anti-virus malware, which makes the malware highly dangerous. Doctor Web experts have issued a special update for their anti-virus products protecting Android devices. The update delivers mechanisms to withstand such attacks; thus, users of Dr.Web for Android and Dr.Web for Android Light are under reliable protection.

Protect your Android handheld with Dr.Web now

Buy online Buy via Google Play Free of charge

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2019

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040