This Malware Has Managed to Circumvent The Security of Google Play for Three Years

For many years It has called into question the safety of Android by the amount of ‘virus’ that came into our smartphones. One of the reasons why we can find malware on the system is, basically, because it is the main objective of the hackers with malignant intentions.

During these years, several companies focusing on detecting threats to the operating systems have been reporting on every new malware that appeared on Android, but What few expected is that you will find an old malware. We are talking about, specifically, one that has managed to survive in Google Play a whopping three years.

A malware hidden on one app called ‘System Update’ called SMSVova

An application called ‘System Update’ has remained in Google Play three years fooling a lot of users, it has been downloaded between one and five million times and promised to update your terminal. Obviously, this was completely untrue and, rather than failure to comply with that, was engaged in spying on the smartphone in question.

Once downloads and you install the app, you see the typical message that the application is stopped and the icon disappears from your home screen. But ‘System Update’ is far from failing, because from there It begins to set up a function called MyLocationService, find the last location of the user and set it in preferences shared to access data and modify them.

In addition to this, ‘System Update’ you configure a SMS receiver to scan incoming messages in search of key words that are instructions for SMSVova, which currently kicks in to attack the device or protected by password. According to researchers at Zscaler, the fact that the app depends on SMS to initiate malware is what has managed to stay hidden Google Play anti-virus software over three years.

SMSVova into action when it receives an instruction in the app SMS and, from there, it remains localized to the device, and is even capable of modifying data.

When the malware starts to act, sends the location of the device the attackers, although researchers don’t know why you would need this to. The app takes from 2014 without update, but that does not mean that malware has stopped working, in fact it has followed infecting thousands of devices.

What the researchers have noticed that spyware SMSVova shares part of the code with a Trojan called DroidJack, that suggests that those who have created the malware are people expert in attacks on Android devices. After three years and a report by the team of Zscale, the app has been removed from Google Play.

Despite this, it is possible that several users still are in the grip of SMSVova, so if you ever installed this application, It is recommended that you do a hard reset of your device as soon as possible. While the majority of malware is stopped in time, there is always someone who manages to overcome the barriers, so Google should improve its security more and more to keep us safe.