There is a new malware called 'Shopper' that promotes popular shopping app
ratings and installs. The Trojan app also spreads annoying ads and affects
more than 14% of Indians, according to researchers from global cybersecurity
and anti-virus brand Kaspersky.
Researchers say that 'shoppers' first got their attention after using their
extensive kitsch and Google accessibility services, HT reported via IANS.
Malware is called Co-Trojan-Dropper. AndroidOS.Shopper.a 'and Russia were
most affected from October to November 2019, where 28.46 percent of users
were affected by the app. Fifth (18.70%) infections were reported in Brazil and
14.23% in India.
The Shopping app allows users to read in-app content and automate
interactions with the user interface. Although this feature is designed to help
people with a disability, it allows hackers to take advantage of it, which poses
a serious threat to the phone owner. When spreading malicious information,
the malware may share videos on its private pages without the permission of
the device owner.
Once the Trojan app is accessed, it can do anything with the system interface
and other applications. The app hides the system as an app and uses a system
icon called 'K configapps' which allows it to hide from the user.
This Trojan-infected app can also hack a user's Google or Facebook account,
where it registers on popular shopping apps like AliExpress, Lazada, Zalora,
Shine and others. It posts app reviews on Google Play on behalf of the device
owner. If the access service does not grant permission to use it, it sends a
phishing request.
Additionally, the app can switch to Google Play Protect, which implements
a security check on apps before downloading them from the Play Store.
It is not yet known how the malicious app will spread, and Kaspersky
researchers believe it may be downloaded by fake ads or third-party app stores.