Security researchers in trend technology found a malicious application developed in the Kotlin programming language in Google Play.
Malicious application Swift Cleaner disguised as a utility program for cleaning up and optimizing Android devices, and security researchers detected ANDROIDOS_BKOTKLIND.HRX in it. When found, the application is installed between 1000 and 5000.
Kotlin was announced by Google last year as Android's official support language. It is open source, and developers using Kotlin can provide more secure applications. It's not yet sure how malware developers use this programming language when they build malicious code.
Trend science and technologyExpressThis malicious application may involve a wide range of malicious activities, including remote command execution. It can also steal information from users, send messages, forward URLs, and click fraud. In addition, it was found that it was designed to subscribe to expensive SMS services without user permission.
Trend Technology explains that the first time an application is started, malware sends the acquired device information to a remote server and starts a background service to receive from C
After receiving the SMS command, the remote server begins to execute URL forwarding and performs fraudulent operations on the infected device.
Then, it will quietly open the mobile data of the device, parse the base64 picture, crack the CAPTCHA, and send the completed task to the remote server.
A malicious program can send the information on the service provider, the login data and the authentication code picture to the C
According to trend technology, Google Google has been informed of the security risks brought by Swift Cleaner applications. Google has confirmed that Google Play Protect can protect users from malicious attacks.