Posts

New trojan detected on AppGallery app catalog

Image
  November 23, 2021 Doctor Web malware analysts discovered dozens of games on the AppGallery catalog that have an Android.Cynos.7.origin trojan built into them. This trojan is designed to collect users’ mobile phone numbers. At least 9.300.000 Android device owners have installed these dangerous games. The Android.Cynos.7.origin is one of the modifications of the Cynos program module. This module can be integrated into Android apps to monetize them. This platform has been known since at least 2014. Some of its versions have quite aggressive functionality: they send premium SMS, intercept incoming SMS, download and launch extra modules, and download and install other apps. The main functionality of the version discovered by our malware analysts is collecting the information about users and their devices and displaying ads. The apps that contain the Android.Cynos.7.origin ask users for permission to make and manage phone calls. That allows the trojan to gain access to