Saturday, August 15, 2020
Home India Over 14% Indians Affected by 'Shopper' Malware: Report

Over 14% Indians Affected by ‘Shopper’ Malware: Report

After the screen is unlocked, the app launches, gathers information about the victim's device and sends it to the attacker's servers. The server returns the commands for the application to execute

A new Trojan application is boosting popular shopping app ratings and installations and spreading ads that annoy users and over 14 percent Indians have been affected by this malware dubbed as “Shopper”, researchers from global cybersecurity and anti-virus brand Kaspersky said on Sunday.

The highest share of users infected by “Trojan-Dropper. AndroidOS.Shopper.a” from October to November 2019 was in Russia, with a staggering 28.46 per cent of all users affected by the shopaholic app located in the country. Almost a fifth (18.70 per cent) of infections were in Brazil and 14.23 per cent in India.

“Despite the fact that at the moment, the real danger stemming from this malicious app is limited to unsolicited ads, fake reviews and ratings issued in the name of the victim, no one can guarantee that the creators of this malware will not change their payload to something else,” Igor Golovin, Malware Analyst at Kaspersky, said in a statement.

For now, the focus of this malicious app is on retail, but its capabilities enable attackers to spread fake information via users’ social media accounts and other platforms.

The Trojan, dubbed “Shopper”, first drew the attention of researchers following its extensive obfuscation and use of the Google Accessibility Service.

The service enables users to set a voice to read out app content and automate interaction with the user interface — designed to help people with disabilities. However, in the hands of attackers this feature presents a serious threat to the device owner.

“The malware could automatically share videos containing whatever the operators behind Shopper would want on personal pages of users accounts and just flood the internet with unreliable information,” added GOlovin.

Smartphone
There was 54 per cent increase in data breaches in 2019 as compared to 2018 and 2020 will see significant rise in the number of Smartphone-focused malware and banking Trojans, a new report has predicted. Pixabay

According to the researchers, once the Trojan has the permission to use the service, it can gain almost unlimited opportunities to interact with the system interface and applications. It can capture data featured on the screen, press buttons and even emulate user gestures.

It is not known yet how the malicious application is being spread, however, researchers at Kaspersky assume that it may be downloaded by device owners from fraudulent ads or third-party app stores while trying to get a legitimate application.

Surprisingly, the app masks itself as a system application and uses a system icon named “ConfigAPKs” in order to hide itself from the user.

Also Read: 17-year-old Helps NASA Find Planet in Habitable Zone

After the screen is unlocked, the app launches, gathers information about the victim’s device and sends it to the attacker’s servers. The server returns the commands for the application to execute.

Notably, depending on the commands, the app can use a device owner’s Google or Facebook account to register on popular shopping and entertainment such as AliExpress, Lazada, Zalora, Shein, Joom, Likee and Alibaba, leave application reviews in Google Play on behalf of the device owner, check the rights to use the Accessibility Service and if permission is not granted, it sends a phishing request for them.

The app can also turn off Google Play Protect — a feature that runs a safety check on apps from the Google Play Store before they are downloaded, and open links received from the remote server in an invisible window and hide itself from the app menu after a number of screens are unblocked. (IANS)

STAY CONNECTED

18,956FansLike
362FollowersFollow
1,779FollowersFollow

Most Popular

Walking To Work Leads To Health Benefits

Researchers have found that walking with a purpose -- especially walking to get to work -- makes people walk faster and leads to health...

Government To Soon Unveil a New Cybersecurity Policy

Prime Minister Narendra Modi on Saturday reiterated that the government will soon unveil a new cybersecurity policy. During his speech from the Red Fort on...

India Celebrates an artful Independence Day

BY- SIDDHI JAIN   While physical get-togethers to mark India's Independence Day may not be possible this year in the light of the pandemic, virtual...

Films Can’t Entirely Alter Reality but Can Steer Conversation: Pankaj Tripathi

Actor Pankaj Tripathi says films cannot entirely alter reality but can steer a conversation that will subsequently change mindsets, systematically and over time. In his...

Ashtottaram 11: OṀ KARMABHŨMYAI NAMAH

Nowadays, it seems westerners are caught up with the word 'karma' and you hear that word in every popular TV shows like Seinfeld, movies...

Facebook Starts Merging Instagram and Messenger Chats

In a fresh bid to allow cross-messaging among its family of apps, Facebook has reportedly started merging Instagram and Messenger chats. First spotted by The...

Here’s How an Online Training Helped me Land my Dream Job

About the Author: Apurva Bhalerao is a postgraduate in Mechatronics. She joined Internshala Trainings for Internet of Things training. She shares how an online...

Internships for Students With Good People Skills

College students, especially the first and second year ones, often hesitate to apply to internships for the reason that they don’t have any job-specific...

Recent Comments