Info-tech

This latest Trojan malware ‘Shopper’ affects over 14% smartphones in India

Hemani Sheth Mumbai | Updated on January 14, 2020 Published on January 14, 2020

‘Shopper’ has affected smartphones across India between October and November 2019, says a report by Kaspersky

A new malware dubbed ‘Shopper’ has affected 14.23 per cent smartphones in India, according to the latest report by the global anti-virus brand Kaspersky.

The Trojan application affects the user’s device through unauthorised installation of shopping and retail apps, boosting the ratings of such apps and by displaying unnecessary adds adding to the annoyance of the user. The app can also post content from the user’s social media accounts, reports say.

The malware, also known as ‘Trojan-Dropper. AndroidOS.Shopper.a’ has infected devices across the globe. It gained momentum between October and November 2019. Russia is at the top of the list of countries where user devices have been hit by this malware with over 28 per cent users having been affected. Brazil precedes India on the list with over 18 per cent users affected.

How it works

According to the IANS report, once the Trojan acquirs the required permissions within the system, it has unlimited opportunities to freely interact with the system interface and applications.

According to the Kaspersky report, the malware is being spread through fraudulent ads or third-party app stores where users are led to download this malicious app in an attempt to get a legitimate application.

It can, however, be difficult to detect this malware as it disguises itself as a system file labelled ‘ConfigAPKs.’

Once downloaded, the app launches itself as soon as the screen is unlocked. It can further use the device owner’s Google or Facebook account as logged in the device to register on shopping and entertainment websites such as AliExpress, Lazada, Zalora, Shein, Joom, Likee and Alibaba, says the IANS report. It can also access and turn off Google Play Protect as well as leave reviews on various apps on the Google Play Store.

According to an Inc42 report, it can also create and replace shortcuts to advertised sites on the app menu. Users will be led to the shortcut created by the malware instead of the originally advertised sites.

Future repercussions

For now, the app is focused on retail. However, the app’s capabilities regarding posting content from a user’s social media accounts pose an imminent threat to the user’s privacy and security.

“Despite the fact that at the moment, the real danger stemming from this malicious app is limited to unsolicited ads, fake reviews and ratings issued in the name of the victim, no one can guarantee that the creators of this malware will not change their payload to something else,” Igor Golovin, Malware Analyst at Kaspersky, said in a statement as quoted in an IANS report published in Outlook India.

Golovin also added that the malicious app could automatically share videos containing whatever the operators behind Shopper would want on personal pages of user accounts. This can also lead to the internet being affected by false information, spread through fake videos.

According to a report by the Data Security Council of India (DSCI), India ranks second in the list of countries affected the most by cyberattacks between 2016 and 2018.

Published on January 14, 2020
  1. Comments will be moderated by The Hindu Business Line editorial team.
  2. Comments that are abusive, personal, incendiary or irrelevant cannot be published.
  3. Please write complete sentences. Do not type comments in all capital letters, or in all lower case letters, or using abbreviated text. (example: u cannot substitute for you, d is not 'the', n is not 'and').
  4. We may remove hyperlinks within comments.
  5. Please use a genuine email ID and provide your name, to avoid rejection.