Cyberattacks Rise in APAC Region

26th November 2021, Kathmandu

Security researchers from Doctor Web have found another Trojan that has infected over 9.3 million Android devices.

The Trojan, named “Android.Cynos.7.origin,” is malware that disguises itself as various mobile games on Huawei’s AppGallery marketplace.

Android.Cynos.7.origin Explained

Android.Cynos.7.origin steals data from a victim’s device, such as contact details, and displays unwanted advertisements. The specialists speculate that the Trojan is a modified version of the Cynos malware. Applications infected with Android.Cynos.7.origin ask users for permission to make phone calls, which allows the Trojan to obtain more data such as location, mobile network parameters, and system metadata.

“The Android.Cynos.7.origin can be coordinated into Android applications to monetize them.

This platform has been known since somewhere around 2014. Some of its variants have very forceful usefulness: they send premium SMS, intercept incoming SMS, download and launch extra modules, and download and introduce other applications.

The primary use of the adaptation found by our malware analysts is collecting the information about clients and their devices and showing advertisements,” the researchers at Doctor Web said.

Information Collected

Once the user grants the permission, Android.Cynos.7.origin collects the following data and sends it to a remote server:

  • The user’s mobile phone number
  • Device location based on GPS coordinates or on mobile network and Wi-Fi access point data (when the application has permission to access location)
  • Various mobile network parameters, such as the network code and mobile country code, as well as the GSM cell ID and international GSM location area code (when the application has permission to access location)
  • Various technical specs of the device
  • Various parameters from the Trojanized application’s metadata
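A defender can check whether a game's declared permissions would expose the data categories listed above. The following is an added example, not code from Doctor Web or the original article: it audits a decoded AndroidManifest.xml, and the mapping from permissions to data categories, the review rule, and the sample manifests are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping from standard Android permissions to the data categories
# in the list above; the article itself does not name specific permissions.
DATA_EXPOSED = {
    "android.permission.READ_PHONE_STATE": "phone number, network and country code",
    "android.permission.READ_PHONE_NUMBERS": "phone number",
    "android.permission.CALL_PHONE": "placing phone calls",
    "android.permission.ACCESS_FINE_LOCATION": "GPS location, GSM cell ID and area code",
    "android.permission.ACCESS_COARSE_LOCATION": "network and Wi-Fi based location",
}
PHONE_GROUP = {p for p in DATA_EXPOSED if "PHONE" in p}


def audit_manifest(manifest_xml):
    """Report which listed data categories a decoded manifest can expose."""
    root = ET.fromstring(manifest_xml)
    requested = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        requested |= {el.get(ANDROID_NS + "name") for el in root.iter(tag)}
    app = root.find("application")
    is_game = app is not None and (
        app.get(ANDROID_NS + "isGame") == "true"
        or app.get(ANDROID_NS + "appCategory") == "game"
    )
    exposes = {p: DATA_EXPOSED[p] for p in sorted(requested & DATA_EXPOSED.keys())}
    # Assumed review rule: a game has no functional need for phone permissions.
    return {"is_game": is_game, "exposes": exposes,
            "review": is_game and bool(requested & PHONE_GROUP)}


# Constructed sample manifests (not taken from any real application).
SAMPLE_SUSPICIOUS = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <application android:isGame="true"/>
</manifest>"""
SAMPLE_BENIGN = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:appCategory="game"/>
</manifest>"""

if __name__ == "__main__":
    for name, xml in (("suspicious", SAMPLE_SUSPICIOUS), ("benign", SAMPLE_BENIGN)):
        print(name, audit_manifest(xml))
```

A flagged result only means the app warrants a closer look; legitimate apps can request these permissions too.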

Android.Cynos.7.origin was found in 190 games, including simulators, platformers, arcades, strategies, and shooters. Some of these games target Russian-speaking users, while others target Chinese or international audiences.

“Right away, a cell phone number leak might appear to be an irrelevant issue. However, as a general rule, it can genuinely harm clients, particularly given that kids are the games’ entire interest group.

Regardless of whether the cell phone number is enlisted to a grown-up, downloading a kid’s game may almost certainly demonstrate that the kid is the person who utilizes the cell phone.

It is exceptionally dicey that guardians would need the above information about the telephone to be moved not exclusively to unknown foreign servers but to any other person overall,” the researchers added.
