McAfee virus analysts learned about the resumption of dangerous malware activity Sonvpay.C, distributed through Google Play under the guise of various utilities for Android-smartphones. The modified version of the Trojan is more cleverly hidden from the user of the infected device, preventing its detection.
Sonvpay.C falls on devices under the guise of flash applications, QR code scanners and desktop images catalogs. Once installed, the Trojan sends a notification to the user that an update is required, the download consent of which is signed by the victim to paid mailings and services.
Unlike previous versions of Sonvpay.C, the new iteration does not use SMS, preferring WAP subscriptions. The service of WAP subscriptions allows you to subscribe to various services of content providers, but does not require the sending of any messages, leaving no visible traces of activity on the device.
Malicious software for Android
In total, McAfee experts identified 15 applications with built-in Sonvpay.C, most of which were downloaded from 10 to 50 thousand times, and the total damage from the activities of scammers was about $ 100 thousand. Most often, the victims of the Trojan were residents of Kazakhstan and Malaysia, which accounted for most of the installations.
Discuss this and other news of Android in our Telegram chat.