The recent reports from Trend Micro say that they have found a new malicious app which is dubbed as ANDROIDOS_BKOTKLIND.HRX. The new app is actually coded in Kotlin Programming language and it’s the first malware coded in Kotlin.
This Is The First Android Malware Written In Kotlin & It’s Dangerous
If you remember at Google I/O 2017 developer conference, the search giant Google announced that Android is getting official support for Kotlin Programming language. So, Kotlin has been growing at a fast pace and developers are learning Kotlin programming language with an intention to code safer and faster Android app.
However, the recent reports from Trend Micro say that they have found a new malicious app which is dubbed as ANDROIDOS_BKOTKLIND.HRX. The new app is actually coded in Kotlin Programming language and it’s the first malware coded in Kotlin.
The malware was spotted in Swift Cleaner. The malware poses itself as a tool which is used for cleaning and optimization purposes. The app also recorded 1,000-5,000 installations and the malware has the capability of remote command execution, SMS sending, URL forwarding, identity theft, click-frauds.
If that was not enough for you, then Swift cleaner app can automatically sign up for premium SMS-based services without your permission. Whenever victim launches the malicious app, the malware transfers device information to the remote server and boots up the background services to get instructions from C&C server.
According to the reports from Trend Micro, after the initial infection, the malware sends an SMS. Once the sent SMS is received, the remote server does click ad fraud via URL forwarding. However, to do this, the malware uses Wireless Application protocol task to inject malicious JavaScript code.
The malware then uploads information of victim’s service provider, login information & CAPTCHA to C&C server to process the subscription to premium SMS services.
So, the best way to avoid these types of malware is to use proper security methods and make sure to download apps from trusted sources only. So, what do you think about this? Share your views in the comment box below.
