Researchers may have discovered first Kotlin-developed Android mobile malware
Trend Micro has detected a malicious app which seems to be the first developed using Kotlin. Swift Cleaner, a utility tool which cleans and optimizes Android devices, “is capable of remote command execution, information theft, SMS sending, URL forwarding, and click ad fraud.”
Lorin Wu, a mobile threats analyst working for Trend Micro, an IT security solutions provider, explained in a recent blog post that the company has detected a Kotlin-developed malicious app. Swift Cleaner, a utility tool which cleans and optimizes Android devices, had already been installed 1,000-5,000 times by the time the blog post was published (January 9th, 2018).
The bad news is that this app is capable of the following things, Wu wrote: “remote command execution, information theft, SMS sending, URL forwarding, and click ad fraud. It can also sign up users for premium SMS subscription services without their permission.”
This is how Swift Cleaner works
When users open Swift Cleaner, the malware sends their device information to its remote server and starts a background service to get tasks from its remote C&C server. When the device is infected for the first time, the malware sends an SMS to a number provided by its C&C server; the remote server then executes URL forwarding and click ad fraud, according to the blog post announcing the malware.
There’s more: your service provider’s information, login information and CAPTCHA images can also be uploaded to the C&C server. Next, the C&C server automatically processes your premium SMS service subscription (in other words, this might get pricey).
Trend Micro has informed Google. For more details about the malware and how to see whether your device has been compromised, check out Wu’s blog post.