New Android Trojan he buys and installs the app from Google Play
Among malicious programs for Android devices, widespread Trojans showing Intrusive advertising. Some of them may perform other unwanted actions – for example, to download and install applications, and steal sensitive information. One of the new Trojans detected by Dr. web, can buy and install programs from Google Play.
Android Trojan called Android.Slicer can also buy and install apps in the Google Play store. “Malware” is a tool supposedly to optimize the mobile offering to clear the memory of the gadget, closing unused applications. The program can turn on and off Wi-Fi and Bluetooth with quick commands displayed on the home screen.
The app is on the device or after downloading manually or being installed by other malicious applications. Some time after the run, as well as enable or disable screen and Wi-Fi module Trojan transmit to the control server IMEI of the infected device, the MAC address of the Wi-Fi adapter, the name of the manufacturer of smartphone and version of the operating system. In response, the malware receives the task required for displaying ads: to add a shortcut on your home screen to show a banner ad to open the link in the browser or in Google Play.
In the latter case, when working on Android 4.3 Android.Slicer downloads the Android rootkit.Rootkit.40, which produces a root device (similar to jailbreaking) and gives you more control. After the Trojan gets the chance to press a button in Google Play, such as “Continue”, “Install” and “Buy”.
Often Android.Slicer is limited to display advertising, if he installs the app, their labels appear on the home screen.