A malicious program called Advanced Battery Saver entered the Google Play directory. This is reported by experts in the field of cyber security from the company RiskIQ. Unlike most malicious applications that only mimic the claimed functionality, it really reduced the resource consumption, but also pursued another, much less noble goal.
Getting on the device, Advanced Battery Saver stopped many processes that negatively affected its autonomy and closed some particularly resource-intensive applications. In this case, as experts say, the malware requested permission to access SMS-messages of the victim, geolocation services, and also collected such information as phone number, IMEI and data about the device model.
The data obtained later could be used by the authors of the application as in personal goals, and for the purpose of reselling to advertisers. By the time Advanced Battery Saver was removed by Google censors, RiskIQ's request was downloaded more than 50,000 times, indirectly indicating the significant amount of malicious software infiltrating the Google Play catalog, damage.
Staying on an infected device, Advanced Battery Saver showed users advertising ads of a different nature, fraudulently forcing them to click on promoted links. It is possible that among these links could be phishing pages that mimic authorization windows in services like online banking.
Discuss this and other Android news in our Telegram chat room.