More than 9 million Android devices infected with data-stealing trojans

 160 total views

Security firm Dr.Web has discovered a new trojan named “Android.Cynos.7.origin” on millions of Android devices. This Trojan spreads through a large-scale campaign on Huawei’s AppGallery application store. A total of more than 190 apps containing “Android.Cynos.7.origin” were discovered with a total of 9.3 million installs.

“Android.Cynos.7.origin” is a modified version of the Cynos malware with the goal of collecting sensitive user data. After discovering the problem, Dr.Web contacted Huawei to ask it to remove the infected applications from the AppGallery.

Those who have installed these apps should also remove them from their Android smartphone as soon as possible.

Video Player is loading.

Current Time 0:00
Duration 0:00
Loaded: 0%
Stream Type LIVE

Remaining Time 0:00


(function(n,t,i,r){r=t.createElement(“script”);r.defer=!0;r.async=!0;r.src=n.location.protocol+i;t .head.appendChild(r)})(window,document,”//”)

A dangerous malicious code

“Android.Cynos.7.origin” is a malicious code with the ability to perform a wide range of malicious activities including spying on SMS messages, downloading and installing other malware, subscribing to expensive services, collecting collect data, display ads…

The data that “Android.Cynos.7.origin” collects includes:

  • Phone number
  • Location data based on GPS coordinates or based on cellular masts and WiFi hotspots
  • Data related to mobile networks including network codes, country codes…
  • Wide range of device specifications
  • Lots of other data

As mentioned above, users who have ever installed applications from Huawei’s AppGallery store should check and remove them if they discover that the application contains the trojan “Android.Cynos.7.origin”.

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: