Home > News content

The discovery of Android malware developed using Kotlin in Google Play

via:博客园     time:2018/1/11 14:17:29     readed:285

Security researchers in trend technology found a malicious application developed in the Kotlin programming language in Google Play.

Malicious application Swift Cleaner disguised as a utility program for cleaning up and optimizing Android devices, and security researchers detected ANDROIDOS_BKOTKLIND.HRX in it. When found, the application is installed between 1000 and 5000.


Kotlin was announced by Google last year as Android's official support language. It is open source, and developers using Kotlin can provide more secure applications. It's not yet sure how malware developers use this programming language when they build malicious code.

Trend science and technologyExpressThis malicious application may involve a wide range of malicious activities, including remote command execution. It can also steal information from users, send messages, forward URLs, and click fraud. In addition, it was found that it was designed to subscribe to expensive SMS services without user permission.

Trend Technology explains that the first time an application is started, malware sends the acquired device information to a remote server and starts a background service to receive from C

After receiving the SMS command, the remote server begins to execute URL forwarding and performs fraudulent operations on the infected device.

During the clicking of fraudulent programs, malware uses the wireless application protocol (WAP), and WAP is the technical standard for accessing information through mobile wireless networks. Next, we will injecting malicious JavaScript code and replace regular expressions, so that malware can resolve the advertisement HTML code in the specific search string.

Then, it will quietly open the mobile data of the device, parse the base64 picture, crack the CAPTCHA, and send the completed task to the remote server.

A malicious program can send the information on the service provider, the login data and the authentication code picture to the C

According to trend technology, Google Google has been informed of the security risks brought by Swift Cleaner applications. Google has confirmed that Google Play Protect can protect users from malicious attacks.

Come from:SecurityWeek

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments