which has security vendors Zscaler a for three years remained . Between an and five has been downloaded millions of times since 2014. The researchers suspect that the app is not detected by antivirus software, since she receive their commands via SMS and not as usual via the mobile Internet.-spyware in the play store spotted the there apparently
the spyware called SMSVova is hiding in referred to a system update app that supposedly helps users get new system updates to Android. Instead, she compromised the Smartphone of user and peeks out above all its exact location in real time.
on the app, the researchers only became aware by negative reviews of victims. They criticized that the updated app Google’s mobile operating system and instead slows the phone and also the battery consumption increases. Suspected the app was also because their page in the play store contained neither a detailed description and screenshots. There it was said only she update and activate special site functions.
when you first start the app, users are confronted with the error message “Unfortunately the update service has stopped”. Also, the icon of the app from the screen disappears. But the app doesn’t crash – she moved all activity in the background, including a service called MyLocatonService, which determined the last known location of the device.
in addition, the app sets up a function to receive SMS containing the commands for the app. The command “get faq” causes, for example, that protects the spyware with the password “Vova”, which derives their name SMSVova.
after establishing full spyware transmits the location data to their backers. For which the data is used, is, however, unknown. The app was updated most recently in December 2014. Nevertheless she have been further since hundreds of thousands of infected devices, according to the researchers.
the app has now removed from his offer
Google. Zscaler according to it is active but may still be on many devices. That they have received more than two years update, restricts their functionality not likely.
get to know the building blocks of enterprise cloud platform in this audio Webinar. Learn how to achieve maximum freedom and flexibility for your applications. More outcome achieved with less input – specific application examples.
[withmaterialfromDannyPalmer ZDNet.com ]
tip : you are an Android expert? Check your knowledge – with 15 questions on silicon.de