Cybersecurity experts from the Cisco Talos group discovered a new dangerous virus, which is called GPlayed. The malware is still at the testing stage, but it can turn into a serious threat.
Cisco Talos found out as a result of the tests that the new Trojan presented itself as a Google Play client: it used a similar icon and was called Google Play Marketplace. When installing, the Trojan attempts to gain administrator privileges and requests permission to access the settings.
The malware is written in .NET using the Xamarin development tools. GPlayed features are rich and diverse:
- Theft of SMS and contact list;
- Making calls and sending SMS and USSD-messages;
- Launch of applications;
- Destruction of information, adding and deleting web injects;
- Theft of billing information;
- Set password lock.
The GPlayed Trojan looks very persistent, requests access to device administration, and until these rights are granted, the window cannot be closed. The GPlayed sample analyzed at Cisco is focused on Russian-speaking targets, since most of the pages intended for interaction with the victim are in Russian. However, the researchers noted that due to the peculiarities of the project, it is very easy to change the language in this case – no more difficult than the “career guidance” of a Trojan.
Unfortunately, mobile application developers are trying to avoid official stores because of bureaucratic red tape due to requirements from the site. The presence of viruses such as GPlayed clearly shows what can result in neglect of checks. Recently, droppers have become widespread, as users often do not know that a Trojan has appeared in their smartphone. As part of the fight against droppers, Google launched Play Protect, which constantly scans apps in the official app store for suspicious activity.
You can follow these rules to protect your data from hacking:
- Use modern antivirus software,
- Install applications only from the official site developer or from official stores,
- When downloading the application, read the reviews and its reputation.
We have a team of highly qualified specialists who can quickly help you. If you are faced with hacking, our team will search for viruses and spyware on your device and restore your data if necessary.
DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.
