'Shopper' trojan can hijack your Android phone

'Shopper' trojan can hijack your Android phone

Last year, Google announced the forming App Defense Alliance in collaboration with top security firms--ESET, Lookout, and Zimperium- wage war on malware-laced apps entering the Android mobile ecosystem. 

Now, it seems like the effort is not enough to curb them, as Kaspersky Labs researchers have unearthed  'Shopper', a new sophisticated trojan that can hide inside an Android phone without ever detected by the user and even deceive Google Play Protect security system.

However, the blame can't be put fully on Google, as the aforementioned trojan gets infected when the user downloads apps from a third-party website other than Play store.

Once inside,  it makes use of Google Accessibility Service to offer assistance to users with visual disability and read out app content and performs actions such as making a purchase on shopping apps. But, when not in use, it can take over device owner's Google or Facebook account to register on popular shopping and entertainment apps, including AliExpress, Lazada, Zalora, Shein, Joom, Likee, and Alibaba.

Must read: Google forms App Defense Alliance, wages war on malware

Also, it leaves app reviews and ratings without user consent and also floods the phone's screen with annoying ads.

What's scarier is that it can block Google's Play Protect feature, which routine checks for suspicious behaviour in an Android phone. Also,  it can capture sensitive data featured on the screen, press buttons and even emulate user gestures. 

It is also capable of downloading apps from the fraudulent Apkpure[.]com ‘market’ without the phone owner's consent.

“Despite the fact that at the moment, the real danger stemming from this malicious app is limited to unsolicited ads, fake reviews and ratings issued in the name of the victim, no one can guarantee that the creators of this malware will not change their payload to something else. For now, the focus of this malicious app is on retail, but its capabilities enable attackers to spread fake information via users’ social media accounts and other platforms. For example, it could automatically share videos containing whatever the operators behind Shopper would want on personal pages of users accounts and just flood the internet with unreliable information”, Igor Golovin, Kaspersky malware analyst said.

The report says that the highest share of users infected by Trojan-Dropper.AndroidOS.Shopper.a from October to November 2019 was in Russia, with a staggering 28.46% of all users affected by the shopaholic app located in the country. They also noted that a fifth (18.70%) of infections were in Brazil and 14.23% in India.

Google has not responded to the Shopper malware. However, Android phone owners are advised to install the anti-virus app from a reputable security firm and do a quick scan to weed out this trojan from the system before its too late.

Must read | Hackers using Greta Thunberg name to inject PC malware

Here's how to safeguard your mobile phone from adware and other malicious threats:
1) Whether you have an Android mobile or iOS-based iPhone, always stay updated with the latest software. Both Google and Apple send regularly send firmware — especially security patches monthly or on a priority basis, whenever they detect threats. So, make sure you install the latest software.
2) Another good practice is to install a premium Antivirus software on mobile, which offers 24x7 protection. They are equipped to detect threats quickly whenever you unknowingly visit a shady website
3) Never ever open emails or SMS and click URL links sent from unknown senders 
4) Also, never install apps from unfamiliar publishers. 
5) Always download apps from Google Play or Apple App store only. Never install from any third-party app store.

Get the latest news on new launches, gadget reviews, apps, cyber security and more on personal technology only on DH Tech.