Recently a new malware threat has emerged that specifically targets Android devices. Cisco Talos has discovered a new Android Trojan which is being distributed around the world. This new malware is RAT (remote administration tool), whichis used to steal information from Android Devices. This malware is also capable of recording phone calls and messages.
Talos identified two variants of RAT one is Android exploit (CVE-2015-3636) and other RAT which targets Windows these both malwares are used to steal information.
Capabilities of KevDroid malware:
1) Gain Root access.
2) Steal Call logs, Emails, and SMS.
3) Access device’s location every 10 seconds.
4) Collect information about installed applications.
5) Collect browsing history.
6) Steal files.
7) Records phone calls and audio.
KevDroid disguised as antivirus application called Naver Defender will be installed on your machine. Once it is installed, it starts stealing sensitive information.
Most of the users use their Android devices to access email, for sending and receiving sensitive information, perform banking transactions using mobile banking applications. This could lead to a serious problem if the device is infected with KevDroid. Once the information is stolen from the victim’s device then this will result in blackmailing, illegal access to accounts, kidnapping, identity theft, and other cyber-attacks.
Steps to take if your device is infected:
It is very difficult to know that a device is infected or not. However, you can if you have downloaded the fake antivirus application Naver Defender, then it means your device is surely infected.
If your device is infected you can follow the simple steps to remove the infection:
1) Disconnect your device from the internet.
2) Uninstall the application.
3) Delete any unknown files from your device.
4) Scan your device using a good anti malware software.
5) Last of all if nothing works, reset your device.
Attacks on Android devices are increasing day by day. As we are moving towards the future where the use of mobile devices is increasing in our day to day life, we need to make sure that our devices are properly secure and safe from any cyber-attacks.
This latest malware shows us that our devices are not so secure and attackers are constantly trying to exploit the vulnerabilities found in Android devices.
To protect your Android mobile device from malware, follow the steps below:
1) Always download the applications from Google Play Store.
2) Enable Google Play Protect.
3) Disable “Allow installation of apps from unknown sources” setting.
4) Install and enable a good antimalware software which has the best malware detection capabilities.
5) Take a regular backup of your Android device.
6) Encrypt all the files which contain sensitive information.
7) Keep your device locked, enabling pin or password.
8) Do not download and open any documents downloaded from untrusted sources.
9) Take a regular backup of your Android device.
10) Keep your device updated.
To secure your device we suggest users to use Systweak Anti Malware which is the best malware removal tool for Android. You can download it from here:
At first, users believed that malware only exists on computers, however, that soon realized that their mobile devices are as much as vulnerable as computers. Recent discovery of this malware shows us that all the information we store on our Android devices can easily be extracted and can be used for any malicious purpose. We should take ever steps necessary to protect our devices and have the best malware protection tool installed on our devices.