After the mobile banking trojan called Android.BankBot.65.origin which Android devices which could receive commands from host server and then exploit all the device vulnerability causing cyber criminals to steal money by intercepting and modifying SMS, the security researchers from Doctor Web Security have detected yet another Trojan for mobile devices designed to display fake SMS and email message notifications and to make users download malicious software.
The researchers wrote in the blog that users are likely to be deceived as these notifications resemble look like real ones. As a result they install some dangerous applications on their mobile devices “sponsoring” cybercriminals.
“Once the user taps such a notification, the Trojan downloads a special APK file from a remote server and plants another notification in the status bar. It initiates the installation process of the downloaded file,” the blog reads.
According to the research, majority of programs distributed in this manner are different Trojans including downloader Trojans, backdoors, and other dangerous software.
The researcher had detected the similar kind of Trojan in 2012, it attempted to make Android users download other malicious programs on their mobile devices.
“The fact proves that the described scheme of deception is still profitable and popular among cybercriminals,” the website explains.
The researchers said that the signature of Android.DownLoader.157.origin has been added to Dr.Web virus database. So, there is no threat to the users because of the malicious program.