Tuesday, 08 September 2015 14:50

More malware sneaks under Google Play radar


According to a security vendor, apps containing a capcha-evading Trojan have found their way into Google Play.

A piece of malware that security vendor Bitdefender calls Android.Trojan.MKero.A was first detected in late 2014. At that time it was being distributed through third-party marketplaces and social networks in Eastern Europe, especially Russia.

The malware has now been found in apps available on Google Play, indicating that its developers have found a way of masking its behaviour from Google's automated Bouncer screening system.

Once installed, Android.Trojan.MKero.A takes advantage of an online capcha-to-text service that uses real people (largely from countries including India, Vietnam, Indonesia and Pakistan) to decode the images. The service typically charges less than US$1 for 1,000 decodings, and the rate can be as low as US$0.70 at times of low load.

This appears to be used to subscribe victims to premium SMS services without their knowledge or consent. The malware works almost invisibly on the affected device.

According to Bitdefender, two of the apps containing the Trojan have each been installed somewhere between 100,000 and 500,000 times. With a minimum charge of $0.05 per message, this means victims may have lost $250,000, the company said.

The company did not identify the apps that include Android.Trojan.MKero.A.

Detection and removal of the malware is "extremely difficult" without mobile security software, Bitdefender understandably stated.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments