Android Malware: Google Removes Two Ztorg Trojan-Infected Apps on Google Play
It was recently revealed that Google removed at least two apps on Google Play that were detected to have been carrying the Ztorg Trojan virus.
Unfortunately, the apps were already installed in at least 60,000 Android devices before they were hunted down and removed from Google Play.
Roman Unuchek of the cybersecurity service provider Kaspersky Lab recently revealed through a blog post that their company was able to detect last May a couple of apps on Google Play that were plagued by the said virus.
Based on Kaspersky's blog, the Ztorg Trojan is not a new nuisance since Unuchek revealed he has been on the lookout for apps infected by it since September 2016.
"Distributed on Google Play through two malicious apps, it is related to the Ztorg Trojans, although not a rooting malware but a Trojan-SMS that can send Premium rate SMS and delete incoming SMS," Unuchek explained.
The two infected apps found were Magic Browser and Noise Detector, which were installed for 50,000 and 10,000 times, respectively, by the time they were taken down by Google.
Meanwhile, reports recall that several other apps were also removed from Google Play just recently after it was discovered that they were malware disguising as mobile apps. Back in April, Kaspersky Lab was also able to detect the "first Android malware with code injection."
The code-injected malware known as Dvmap was disguised as a simple puzzle game called Colourblock. What set Dvmap apart from the likes of the Ztorg Trojan is its use of various and most recent techniques to plague the platform, most intricate of them is that it "injects malicious code into the system libraries."
Within the first week of June, Kaspersky Lab reassures users that this malware app has been removed from Google Play as well.
On the other hand, a wide array of detected malware apps were also discovered to be pretending as money-making apps on Android that worked alongside Ztorg. As also reported by Kaspersky Lab, scanning through users' comments and ratings, they learned that apps like the Appcoins lure users to install it in exchange for money.
Unuchek earlier found out that in the mix of several apps that Appcoins instruct users to install, some even passed as clean or not infected by any antivirus or malware program. It was made possible by Ztorg which manages to get superuser rights once it infects a device.