Beware! This Android Malware Secretly Downloads and Purchases Apps from Google Play Store

A new type of Malware has been reported by Dr.Web wherein it downloads and purchases applications from Google play without users consent. The malware is also capable of stealing information from configured google accounts.

A new Malware Code named 'Skyfin' secretely downloads and purchases Apps from Google play store with out users consent

How does it work? 



  • Code named Skyfin it reaches android devices through the help of different malware known as Android.downloader that spreads through the third party applications or APK files.
  • The malware compromises Google play services and automatically downloads some apps and are hidden in the downloads folder, so the user cannot see them.
  • The malware steals the device ID and account of the owner meant for google services, along with the confidential data and sends this information to the main component of Android.Skyfin.1.origin. From here the information is sent to command and control center.
  • The malware follows series of commands it receives and searches Google play store for specific app purchase it and even it adds reviews and ratings for the app all this without the user's consent. So in a way, this malware can be used by the application owners to increase the popularity of a specific app.
  • The malware can also click banner ads in the apps, so it can be also used by owners as a way of income generation.
Also read: Your brain waves could be your passwords in future, but only if you are not drunk


The security ressearchers have detected a few modifications of Android.Skyfin.1.origin. One among them has the capability to download any program from the catalog. For this purpose cybercriminals provide the trojan with a list of programs for download.

So cyberexperts suggest you to avoid any Apk files outside Google play store ,If necessary they have to be checked thoroughly before downloading on your device.

No comments:

Powered by Blogger.