Android malware caught disabling play protect feature of the Play Store

A latest malware is found by security researchers with the ability to disable play protect security features.

“Trojan-Dropper.AndroidOS.Shopper.a” is the trojan that easily trick the users and gets downloaded into their system as it has a very similar name to a legit Android application. After getting installed in the user device, the malware starts collecting sensitive data such as IMEI number, IMSI number, the network type and country details.

After the collection process is successfully executed the malware contacts it's command and control server. The attackers related to the attack control this CNC servers and can perform various malicious tasks of their choice. The trojan is also being used to promote other malicious apps present on a third-party store named Apkpure.com by posting highly optimistic reviews and ratings.

To prevent detection the malware disables the “Google Play Protect” which is used to protect android devices from such malware and attacks. The statistics have suggested that the top three targeted countries for this attack are Russia, Brazil, and India. To stay protected and safe from such viruses and attacks, NPAV recommends using only proper and trusted apps and app stores. Always have a proper reading of the permissions that the application demands.

Use NPAV and join us on a mission to secure the cyber world.