6/23/2023

Google bouncer security scanner

ESET recently discovered an interesting stealth attack on Android users, an app that is a regular game but with an interesting addition: the application was bundled with another application.

We at ESET recently discovered an interesting stealth attack on Android users, a fake app that is trying to use a regular game’s name but with one interesting addition: the application was bundled with another application with the name systemdata or resourcea and that’s certainly a bit fishy. Why would a regular game downloaded from the official Google Play store come with another application named systemdata? This particular application/game from Google Play Store is certainly not a system application, as the name seems intended to suggest.

The packaged application is dropped silently onto the device but has to ask the user to actually install it. The app requesting the installation is passed off as a ‘Manage Settings’ app. After installation, the application runs in the background as a service.

ESET detects the games that install the Trojan as Android/TrojanDropper.Mapin and the Trojan itself as Android/Mapin. According to our telemetry, Android users in India are currently the most affected, with 73.58 percent of these detections observed.

It’s the backdoor Trojan that takes control of your device and makes it part of a botnet under the attacker’s control. The Trojan sets timers that delay the execution of the malicious payload. This is to make it less obvious that the trojanised game is responsible for the suspicious behavior. In some variants of this infiltration, at least three days must elapse before the malware achieves full Trojan functionality. It’s probably this delay that enabled the TrojanDownloader to get past Google’s Bouncer malware prevention system.

After that, the Trojan requests device administrator rights and starts to communicate with its remote C&C server.
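The bundling described above can be checked statically, without waiting out any timer. The following is an added example, not ESET's detection logic: it lists entries inside an APK that are themselves APKs, assuming the second application is stored as a plain, unencrypted archive entry (the page does not say how it is stored); the entry paths and sample archives are constructed.

```python
import io
import zipfile

ZIP_MAGIC = b"PK\x03\x04"            # ZIP local file header signature
MAX_ENTRY = 64 * 1024 * 1024         # skip huge entries (decompression-bomb guard)

def _is_apk(data: bytes) -> bool:
    """True if data is a ZIP archive that carries an AndroidManifest.xml."""
    if not data.startswith(ZIP_MAGIC):
        return False
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as inner:
            return "AndroidManifest.xml" in inner.namelist()
    except zipfile.BadZipFile:
        return False

def find_embedded_apks(apk_bytes: bytes) -> list:
    """Return the names of entries inside an APK that are themselves APKs."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as outer:
        for info in outer.infolist():
            if info.is_dir() or info.file_size > MAX_ENTRY:
                continue
            if _is_apk(outer.read(info)):
                hits.append(info.filename)
    return sorted(hits)

def _make_zip(entries: dict) -> bytes:
    """Build a ZIP in memory (constructed sample data, not a real app)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        for name, data in entries.items():
            z.writestr(name, data)
    return buf.getvalue()

# Constructed samples: a stub "app", a clean game, and a game bundling the stub.
BASE = {"AndroidManifest.xml": b"<stub/>", "classes.dex": b"dex\n035\x00"}
PAYLOAD = _make_zip(BASE)
CLEAN_GAME = _make_zip({**BASE, "assets/level1.png": b"\x89PNG"})
BUNDLED_GAME = _make_zip({
    **BASE,
    "assets/systemdata": PAYLOAD,                            # nested APK
    "assets/music.zip": _make_zip({"track1.ogg": b"OggS"}),  # ZIP, not an APK
})

if __name__ == "__main__":
    for label, apk in (("clean", CLEAN_GAME), ("bundled", BUNDLED_GAME)):
        print(label, find_embedded_apks(apk))
```

A hit is a triage signal rather than a verdict, and a payload that is encrypted or fetched after installation will not appear in this listing.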