Android Malware written in Kotlin found on Play Store stealing data

Haythem Elmir
0 1
Read Time2 Minute, 1 Second

Just another day with just another Android malware hosted on Google Play Store targeting unsuspecting users – But this time, the malware is written in Kotlin, a statically-typed programming language.

Androidos_Bkotklind.Hrx Malware

The IT security researchers at Trend Micro have discovered an Android malware Androidos_Bkotklind.Hrx on Google Play Store hiding behind a utility app called “Swift Cleaner.” The app claims to clean and optimize Android devices but in reality, it installs malware and steals data and performs other malicious acts including click ad fraud, SMS sending, URL forwarding and sign up users for premium SMS service without the permission or knowledge of the victim.

According to Trend Micro’s blog post, once the Swift Cleaner is launched, the malware sends device information to its remote server and initiate tasks including sending SMS to a specified number, executing WAP (wireless application protocol) task that lets malware collect wireless network related information and injects a Javascript that allows the malware to secretly steal the device’s data –  All this is done after receiving tasks through command and control center (C&C).

Moreover, the malware uploads the information of the victim’s service provider, login credentials and CAPTCHA images to the C&C server which is then processed by attackers to sign the victim up for premium SMS service subscription that costs them money.

What Is Kotlin?

Koltin is an open-source programming language for modern multiplatform applications. In May 2017, Google announced Kotlin as a first-class language for writing Android apps which is being used by prominent apps including Netflix, Pinterest, and Twitter.

This is the first time that a malware is written in Koltin programming language. According to Lorin Wu, a mobile threats analyst with Trend Micro, “It’s still unknown if the abovementioned features of Kotlin can make a difference when creating malware.”

Malware Removed

Trend Micro reported their findings to Google who acknowledged the presence of malware and removed it from Play Store. The app had only 1,000-5,000 installs, however, there have been several incidents in the recent past in which tons of malware-infected apps successfully made it on to Play Store and infected millions of devices without raising any suspicion.

Therefore, Android users need to be vigilant and scan their device with an updated security software.

To read the original article:

Android Malware written in Kotlin found on Play Store stealing data

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
100 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

Laisser un commentaire

Next Post

WhatsApp Flaw Could Allow 'Potential Attackers' to Spy On Encrypted Group Chats

A more dramatic revelation of 2018—an outsider can secretly eavesdrop on your private end-to-end encrypted group chats on WhatsApp and Signal messaging apps. Considering protection against three types of attackers—malicious user, network attacker, and malicious server—an end-to-end encryption protocol plays a vital role in securing instant messaging services. The primary […]