In Google Play found a new virus

11

В Google Play нашли новый вирусGame virus downloaded millions of times.

Security researchers have discovered on Google Play 27 games with built-in them Android.RemoteCode.127.origin.

He quietly downloads and runs additional modules that perform different malicious functions. For example, simulate user actions, secretly opening the websites, and clicking on the located controls.

Android.RemoteCode.127.origin part of a software platform that developers use to extend the functionality of their applications. In particular, it allows players to support each other. However, in addition to the stated capabilities of such a platform performs the functions of a Trojan, covertly downloading from a remote server malicious modules.

The main objective of the program – invisible web sites and clicking on them located on elements such as links and banners. For this Android.Click.221.origin downloads the specified remote server address of the script that provides the ability to perform various actions on the page, including to simulate clicks on the specified script elements.

Thus, if the task of the Trojan was to move through links or ads, the attackers make a profit cheat counter visits web pages and clicking on banners.

However, this functional Android.RemoteCode.127.origin is not limited, as virus writers are able to create other Trojan modules that will perform other malicious actions. For example, to display a phishing window to steal usernames and passwords, to display advertisements and secretly download and install the application.

The specialists of “Doctor Web” found in Google Play 27 infected games that have downloaded more than 4 500 000 users of mobile devices.

LEAVE A REPLY

Please enter your comment!
Please enter your name here