Detect a Trojan that sends premium SMS in two Google Play applications


Ztorg turns off the sound of the phone and deletes the inbox, so it is harder to detect it

Kaspersky Lab analysts have discovered a virus present in two Google Play applications. The Trojan, called Ztorg, is able to send SMS ' premium ' to the user's number to steal their money by turning off the mobile's sound and erasing the inbox, making it harder to detect it.

This version of the Trojan for ' smartphones ' was present in the ' Magic Browser ' and ' noise detector ' applications, which reached 50,000 and 10,000 downloads, respectively. The programs were uploaded last May to the App Store, but Google Play eliminated them soon.

The analysts of the Russian cybersecurity company suspect that the ' apps ' used to introduce malicious code by stages in the devices, but fortunately the attack was only in its first phase of development. The ultimate goal of the cybercriminals, according to Kaspersky Lab, would be to run a full version of the Ztorg Trojan using a phased strategy, alternating between clean and malicious updates to avoid a Google Play security review.

However, ' malware ' was detected when the SMS ' premium ' function was implemented. "The Ztorg Trojan will continue to appear in the Google Play store, accompanied by new tricks designed to avoid security measures and infect as many Android devices" warns Roman Unuchek, analyst of Kaspersky Lab. Therefore, Unuchek recommends that users be careful with application downloads because "although they appear normal, there is no guarantee that they will be clean for a long time longer."

Comments

Popular posts from this blog

Bitcoin will not be able to repeat the 2017 rally. Analysts are sure of that.

"Investors need a minimum." When Bitcoin Will Begin Recovery