Researchers have discovered a new Trojan that exists within 100 applications currently available on the Google Play Store. Security company Doctor Web (based in Russia) have now added this new Trojan, which they named Android.Spy.277.origin, to its virus database on April 1, 2016.
The company commented:
A Trojan for Android that steals confidential information and delivers advertisements. It is distributed via bogus versions of popular Android applications on the Google Play store.”
At the moment, the Trojan affects 104 Android applications that have been downloaded by 3.2 million users, which tend to be apps that promise services such as photo editing, wallpapers, etc, yet clearly have an ulterior motive.
Once the user has installed one of these malicious apps, the program is able to collect about 30 pieces of information about the user and then remotely transmit them to the “attacker.” Examples of this data includes the IMEI number, along with the model and operating system of the device.
The Trojan also has the ability to include advertisements in the form of notifications and even create shortcuts on the main screen to the Google Play Store.
Doctor Web has warned Google about the issue, and progress is currently being made to remove the threat. Google has asked users, as always, to use their common sense and only install applications from trusted developers.