Over 60 games on Play Store hit by a malicious Trojan
Security researchers have revealed over 60 Android games on PlayStore that were affected with a malicious Trojan named Android.Xiny which covertly hides inside images
Security experts have disclosed over 60 Android games on Google PlayStore infected with a malicious Trojan called Android.Xiny. According to Doctor Web security researchers, these 60 plus games that were infected were uploaded on Google Play in names of more 30 prominent games developers which include the likes of Conexagon Studio, Fun Colour Games and BILLAPPS.
Users who downloaded any of these infected games had their personal information compromised after which it was sent to a remote C&C (command and control) server. The malicious Trojan gathered sensitive user details such as IMEI identifiers, mobile network information, a phone's MAC address, the OS version and the kind of memory card the phone uses. Moreover, it could even detect from what app the Trojan was able to all this information.
Once the Trojan collected all this information, all the data collected was sent to the C&C server based on the infected phone's specifications. The malware operator would then tell the Trojan to display ads on a user's screen or further escalate the problem on the device by downloading other malicious apps.
Security experts have also noted the use of steganography that hackers used to pull off this stint. Steganography is essentially the art of deception, in this case it implies hiding data covertly in plain sight, particularly inside images. Creators of Android.Xiny hid the malicious software inside PNG images to avoid being detected.