• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • March 3rd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security
Malware

Android Malware written in Kotlin found on Play Store stealing data

January 11th, 2018 Waqas Security, Malware 0 comments
Android Malware written in Kotlin found on Play Store stealing data
Share on FacebookShare on Twitter

Just another day with just another Android malware hosted on Google Play Store targeting unsuspecting users – But this time, the malware is written in Kotlin, a statically-typed programming language.

Androidos_Bkotklind.Hrx malware

The IT security researchers at Trend Micro have discovered an Android malware Androidos_Bkotklind.Hrx on Google Play Store hiding behind a utility app called “Swift Cleaner.” The app claims to clean and optimize Android devices but in reality, it installs malware and steals data and performs other malicious acts including click ad fraud, SMS sending, URL forwarding and sign up users for premium SMS service without the permission or knowledge of the victim.

According to Trend Micro’s blog post, once the Swift Cleaner is launched, the malware sends device information to its remote server and initiate tasks including sending SMS to a specified number, executing WAP (wireless application protocol) task that lets malware collect wireless network related information and injects a Javascript that allows the malware to secretly steal the device’s data –  All this is done after receiving tasks through command and control center (C&C).

New Android Malware written in Kotlin found on Play Store stealing data

Screenshot for the infected app (Via: Trend Micro / PlayStore)

Moreover, the malware uploads the information of the victim’s service provider, login credentials and CAPTCHA images to the C&C server which is then processed by attackers to sign the victim up for premium SMS service subscription that costs them money.

What is Kotlin?

Koltin is an open-source programming language for modern multiplatform applications. In May 2017, Google announced Kotlin as a first-class language for writing Android apps which is being used by prominent apps including Netflix, Pinterest, and Twitter. 

This is the first time that a malware is written in Koltin programming language. According to Lorin Wu, a mobile threats analyst with Trend Micro, “It’s still unknown if the abovementioned features of Kotlin can make a difference when creating malware.” 

Malware removed

Trend Micro reported their findings to Google who acknowledged the presence of malware and removed it from Play Store. The app had only 1,000-5,000 installs, however, there have been several incidents in the recent past in which tons of malware-infected apps successfully made it on to Play Store and infected millions of devices without raising any suspicion.

Therefore, Android users need to be vigilant and scan their device with an updated security software.

  • Tags
  • Adware
  • Android
  • Cyber Crime
  • internet
  • Kotlin
  • Malware
  • Play Store
  • Scam
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Netgear's New Gaming Router Offers Protection Against DDoS Attacks
Next article FBI supports & blames encryption for 7,800 devices it can't unlock
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Gootloader exploits websites via SEO to spread ransomware, trojans

Gootloader exploits websites via SEO to spread ransomware, trojans

Authentication bypass vulnerability found in NATO, EU approved firewall

Authentication bypass vulnerability found in NATO, EU approved firewall

Data analytics firm Polecat data breach - 30TB of data exposed

Data analytics firm Polecat data breach - 30TB of data exposed

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Gootloader exploits websites via SEO to spread ransomware, trojans
Security

Gootloader exploits websites via SEO to spread ransomware, trojans

Authentication bypass vulnerability found in NATO, EU approved firewall
Security

Authentication bypass vulnerability found in NATO, EU approved firewall

Data analytics firm Polecat data breach - 30TB of data exposed
Leaks

Data analytics firm Polecat data breach - 30TB of data exposed

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us