A new Android Trojan, GPlayed that uses an icon similar to Google Play Store has been discovered by researchers at Cisco Talos. In a blog post, the researchers described the trojan has many built-in capabilities and is extremely powerful, thanks to its capability to adapt after it’s deployed. The Android malware uses the label, “Google Play Marketplace” which makes it less likely for users to detect.
The trojan is reportedly capable of things like monitoring location of the user’s device to harvesting their banking credentials. “This is a full-fledged trojan with capabilities ranging from those of a banking trojan to a full spying trojan,” the researchers explain. Thankfully, the malware does not seem to be widespread at this point of time. However, the post notes that there is evidence to indicate that the trojan is in its last stages of development and “has the potential to be a serious threat”.
Android Trojan GPlayed is currently in the testing stage, though users should be extra careful as the fake app can easily be confused with Google Play Store. “The average user might not have the necessary skills to distinguish legitimate sites from malicious ones,” the blog post reads.
Earlier this year, a different Android Trojan that targeted apps of 232 banks worldwide, including some in India, was identified by Quick Heal. The malware, called Android.banker.A2f8a could potentially steal personal data, intercept SMS which contain OTPs, steal contacts, and it also carried out nefarious activities with some banking apps.