Researchers have discovered a new cyber threat—a Trojan named that actively attacks users under the guise of antivirus software. This malware disguises itself as a known application and uses sophisticated methods to control devices. Distributed through fake websites mimicking official portals, it gains access to the device's system functions once installed.

The program requests permissions for managing screens and notifications, allowing it to obtain the authority to perform actions without the user's knowledge. After installation, it immediately uses accessibility services to automatically approve all necessary permissions, thereby evading antivirus software attacks.

Analysis has proven that the Trojan possesses a wide range of functionalities. It monitors calls and messages, accesses your camera and microphone, and steals data from other applications, including instant messaging services and payment services. Interestingly, the malware is capable of preventing its uninstallation by automatically blocking deletion attempts.

The trojan actively searches for and steals existing cryptocurrency data, such as passwords and transactions, from encrypted wallets. It also collects victims' personal information by exploiting vulnerabilities in popular applications and social networks, including and . To conceal its activities, the trojan employs code obfuscation, making analysis and detection challenging.

The program hides its icon on the device and sends commands to the attacker's server to download additional components. This allows it to continuously update and expand its capabilities even after being installed on the device for months. Its malicious activities are not limited to mobile devices. Attackers also use fake websites to download remote access programs onto and computers.

Researchers have identified domains used to spread this threat. Experts warn that vigilance is needed and downloading applications from suspicious sources should be avoided. Installing a reliable antivirus solution and maintaining good digital hygiene will help you avoid device infection.

author-gravatar

Author: Emma

An experienced news writer, focusing on in-depth reporting and analysis in the fields of economics, military, technology, and warfare. With over 20 years of rich experience in news reporting and editing, he has set foot in various global hotspots and witnessed many major events firsthand. His works have been widely acclaimed and have won numerous awards.

This post has 5 comments:

Leave a comment: