A dangerous family of malware has been terrorizing users for years,
Dr. Web antivirus company has published a large study on new samples of the Android.Xiny family of Trojans.
Experts have known the trojan since 2015, but it turned out to be very tenacious and attackers continue to create more and more new versions of it. The malware works on devices with Android up to version 5.1 inclusive. It is worth noting that devices with such old versions of the OS still account for a large share – about 25%.
The main function of Xiny is the installation of arbitrary applications on the device without user permission, which gives attackers the opportunity to earn money on affiliate programs that pay for the installation. The trojan is distributed through collections of software for mobile devices and even through official application directories, including Google Play.
Once on a smartphone or tablet, the trojan is trying to get root access for the subsequent, inconspicuous installation of “extra” software. In addition, the trojan is able to display overly intrusive ads. However, the most unpleasant feature is its protection system – the trojan is almost impossible to remove.