Trojan- A Contradictory Threat of Virus or Malware
News Desk
A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users’ systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. It appears to be a type of malicious code or software that apparently seems to be legitimate but can take control of the computers. A Trojan is designed to damage, disrupt, steal, or in general inflict some other harmful action on the user data or network.
A Trojan acts like a genuine application or file to trick the users. It seeks to deceive the users into loading and executing the malware on their device. Once installed, a Trojan can perform the action it was designed for.
Sometimes Trojan is termed as a ‘Trojan virus’ or a Trojan horse virus, but there is a contradiction. Viruses can execute and replicate themselves. A Trojan cannot. A new Trojan application is boosting popular shopping app ratings and installations and spreading ads that annoy the users and more people are getting affected day by day. According to Kaspersky, the map shows the Trojan infected countries ; that means the people of those countries are not careful in using mobile phone apps and computers.
Notably, depending on the commands, the app can use a device owner’s Google or Facebook account to register on popular shopping and entertainment such as AliExpress, Lazada, Zalora, Shein, Joom, Likee and Alibaba, leave application reviews in Google Play on behalf of the device owner, check the rights to use the Accessibility Service and if permission is not granted, it sends a phishing request for them.
The app can also turn off Google Play Protect- a feature that runs a safety check on apps from the Google Play Store before they are downloaded and open links received from the remote server in an invisible window and hide itself from the app menu after a number of screens are unblocked.
Igor Golovin, Malware Analyst at Kaspersky, said in a statement, “Despite the fact that at the moment, the real danger stemming from this malicious app is limited to unsolicited ads, fake reviews and ratings issued in the name of the victim, no one can guarantee that the creators of this malware will not change their payload to something else,’’[1].
It is not known yet how the malicious application is being spreaded; however, researchers at Kaspersky assume that it may be downloaded by device owners from fraudulent ads or third-party app stores while trying to get a legitimate application.
Surprisingly, the app masks itself as a system application and uses a system icon named ”ConfigAPKs” in order to hide itself from the user. This Trojan can use someone’s social media account to spread fake news on twitter or Facebook.