Trojan Attack over 60 games on Play store

Over 60 games on Play Store hit by a malicious Trojan :

trojan attack on play store

Security experts have disclosed over 60 Android games on Google PlayStore infected with a malicious Trojan called Android.Xiny. According to Doctor Web security researchers, these 60 plus games that were infected were uploaded on Google Play in names of more 30 prominent games developers which include the likes of Conexagon Studio, Fun Colour Games and BILLAPPS.

Users who downloaded any of these infected games had their personal information compromised after which it was sent to a remote C&C (command and control) server. The malicious Trojan gathered sensitive user details such as IMEI identifiers, mobile network information, a phone’s MAC address, the OS version and the kind of memory card the phone uses. Moreover, it could even detect from what app the Trojan was able to all this information.

Once the Trojan collected all this information, all the data collected was sent to the C&C server based on the infected phone’s specifications. The malware operator would then tell the Trojan to display ads on a user’s screen or further escalate the problem on the device by downloading other malicious apps.

Security experts have also noted the use of steganography that hackers used to pull off this stint. Steganography is essentially the art of deception, in this case it implies hiding data covertly in plain sight, particularly inside images. Creators of Android.Xiny hid the malicious software inside PNG images to avoid being detected.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s