Trojan Malware Installed On Millions Of Android Devices

More than 9m Android devices have downloaded and installed dozens of games from Huawei that have a trojan malware that is designed to collect vital user data.  According to a new report by  malware researchers at Dr.Web Anti-virus, Android devices have been infected hit by an info-stealing trojan in a  large-scale malware attack originating from Huawei's AppGallery app store. 

The Trojan malware can perform all kinds of malicious activities while it is on your device, including spy on your texts and downloading  and installing malicious payloads. Cynos, from which this Trojan horse was created.

The Dr.Web report says that the Android.Cynos.7.origin trojan, a modification of the Cynos program module known since 2014, downloads and installs other apps that collect information about users and their devices, as well as display ads and allows the trojan to get access to sensitive data. “This module can be integrated into Android apps to monetise them....  Some of its versions have quite aggressive functionality: they send premium SMS, intercept incoming SMS, download and launch extra modules, and download and install other apps... The main functionality of the version discovered by our malware analysts is collecting the information about users and their devices and displaying ads,” says the report.

The threat actors hid their malware in Android apps pretending to be simulators, games platforms, arcades, strategy, and shooting games for Russian-speaking, Chinese and English language users.

The apps containing the malware asks for permission to make and manage phone calls, which allows the trojan to collect and send information to a remote server, including:

  • Mobile phone number.
  • Device location and Wi-Fi access point data.
  • Various mobile network parameters, such as the network code and mobile country code.
  • Various tech specs of the device.
  • Various parameters from the trojanised app’s metadata.

The analysts' report found the trojan on 190 games, like simulators, games platforms, arcades, strategies and shooters.

"At first glance, a mobile phone number leak may seem like an insignificant problem. Yet in reality, it can seriously harm users, especially given the fact that children are the games' main target audience," according to a Doctor Web spokesman.

Dr. Web have notified Huawei about the threats and Huawei have now removed the apps containing the trojan from its AppGallery. 

DrWebGitHub:   Android Headlines:   The Hacker News:   World Republic News:   MalwareTips:   TechRadar

You Might Also Read: 

Malware – The Hateful Eight:

 

« Non-Profit Organisations & Cyber Security
Russia Wants Control Over Big Tech »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Latham & Watkins LLP

Latham & Watkins LLP

Latham & Watkins is an international law firm. Practice areas include Data Privacy, Security and Cybercrime.

Talend

Talend

Talend is a leader in cloud and big data integration software. Applications include Risk and Compliance management.

Code42

Code42

Code42 CrashPlan, is an enterprise SaaS solution that backs up all distributed end-user data on a single, secure platform.

Cybercom Group

Cybercom Group

Cybercom offers strategic advice, testing & quality assurance, security solutions, system development, integration, management and operation services.

Enosys Solutions

Enosys Solutions

Enosys Solutions is an IT security specialist with a skilled professional services team and 24x7 security operations centre servicing corporate and public sector organisations across Australia.

Nexis

Nexis

Nexis GmbH is a German IT security company specializing in IAM, access control, and risk management.

Keepnet Labs

Keepnet Labs

Keepnet Labs is a phishing defence platform that provides a holistic approach to people, processes and technology to reduce breaches and data loss and presents anti-phishing solutions.

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) undertakes cyber security research and plays a leading role in securing Pakistan’s Cyberspace.

Webtotem

Webtotem

Webtotem's mission is to prevent the global epidemic of website infection and provide every website owner with basic security rights.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

Hub One

Hub One

Hub One is a leading player in digital transformation with expertise in broadband connectivity, business solutions for traceability and mobility, IOT in industrial environments and cybersecurity.

Cythereal

Cythereal

Cythereal is the leader in predicting and preventing advanced malware attacks. Security Automation for the Overwhelmed Administrator.

SecureStream Technologies

SecureStream Technologies

SecureStream Technologies have built the IoT SafetyNet - the Network Security Analytics platform to Eliminate Security Threats, Guarantee Privacy, Ensure Compliance, Simply & Easily.

Metabase Q

Metabase Q

Metabase Q protects you from financial and reputational losses with more efficient and intelligent cybersecurity, using the best worldwide in technologies, processes and specialists.

NetSfere

NetSfere

NetSfere provides next-generation messaging and mobility solutions to carriers and enterprises globally including its enterprise-grade, secure mobile messaging platform NetSfere Enterprise.

Black Duck Software

Black Duck Software

Black Duck (formerly the Synopsys Software Integrity Group) is the market leader in application security testing (AST).