Influenza A virus subtype H5N1 trojan wrapped into within a Simple Call Recorder app was discovered yesteryear an ESET malware researcher Lukas Stefanko. The malware tricks user inwards downloading an additional app, which appears every bit a recent Update from Adobe Flash Player.
The safety researcher discovered the malicious app on the Google Play Store on Nov 30, 2017, till too thus the app has been installed to a greater extent than than 5,000 times on dissimilar devices.
“Simple Call Recorder lasted on the Google Play virtually for a year, which is actually a long fourth dimension earlier existence removed, if nosotros regard that the app contained flashplayer_update.apk string inside,” said Stefanko inwards a post.
The app Simple Call Recorder was published yesteryear FreshApps Group, exactly instantly it has been removed from the Google Play.
Once the app is installed inwards the device, it automatically decrypts the additional binary file carried inwards “assets” too dynamically loads the files, said Stefanko.
The app is capable of both recording the calls too downloading an additional malicious app.
Stefanko said that “I could non recollect the app through the link that is hard-coded into the APK. It is probable that the app has already been removed from the server afterward existence available for download for over xi months, exactly the server is yet live.”
According to Stefanko, he institute 2 other telephone band recording apps on Google Play, which has the same functionality every bit of Simple Call Recorder, exactly they did non incorporate whatever form of malicious code.
Till today, Stefanko has institute to a greater extent than than l malicious apps, which has been installed on to a greater extent than than 350,000 times on dissimilar platforms amongst capabilities varying from scooping on WhatsApp messages to sensitive information similar browsing history, photos, passwords etc.
