A report published by digital forensics experts from Kaspersky details the activity of “Shopper”, a recently detected malicious app. According to this report, the malware hidden in this app has already infected almost 15% of smartphone users in India. The malware was also detected in countries such as Brazil, Russia, among others.
This app was developed to increase the ratings of shopping apps, spread ads and install apps on infected devices without the consent of affected users. In addition, the malware also has the ability to spread misinformation through social networks and other online platforms.
After the app is installed, and the user grants
some permissions the malware begins to interact with the system interface and
the rest of the installed apps to collect information displayed on the screen, automatically
press icons and even imitate some of the victims’ most used gestures, plus
Shopper can hide its icon on the apps menu.
The collected information is sent to a hacker-controlled
server. As if that weren’t enough, digital forensics experts claim that, after
completing the infection, Shopper is able to display ads on the smartphone
screen automatically as soon as the user unlocks their device.
Using a remote command, hackers abuse the
victim’s Facebook and Google accounts to sign up for shopping websites and
entertainment platforms like Dailyhunt, AliExpress, among others and even post
reviews on the Play
Store on behalf of the affected user. Hackers can also create shortcuts
to external websites and even replace legitimate app icons with shortcuts to
other sites. Shopper is also able to disable Google Play Protect, a feature to
verify the security of apps downloaded from official platforms.
The number of affected users has reached six
figures. In the report, Kaspersky’s digital forensics specialists say that, in
India there are around 400 million mobile phone users, mostly very unfamiliar
with security issues, which facilitates the work of hackers who develop apps
such as Shopper in order to trick users and stealing money and confidential
The International Institute of Cyber Security
(IICS) says India has been the second country with the most victims of
cybercrime for at least three years, so it is not surprise that hackers keep
targeting this part of the world.