Antivirus Google Play was not able to identify Trojan Packed ExpensiveWall, activated with a special code. Malware hidden in almost fifty applications designed to change the Wallpaper on the desktop of the mobile device, according to experts from Check Point, could infect millions of gadgets.
Team Check Point, found that the total number of downloads varies between 5.9 and 21.1 million Despite the fact that Google has removed from its online store all the suspicious applications even in August, experts admit that the Trojan remained on the smartphones of some users.
Before you download the infected application requests, among other things, Internet access (for communication with the C&C server) and the permission to send SMS messages (to check for fraudulent resources and send a paid sms). By the way, the last paragraph should immediately draw attention and alert — why app to change the Wallpaper such powers?
As explained in Check Point, track the malware, which at this stage is being exploited for financial gain, using anti-virus software on Android is impossible. The best way to protect yourself from it — to be vigilant when installing programs from unknown developers with tracking the requested permissions.
Source: Check Point