SUMMARY
India stood at third position as the most impacted country from ‘Shopper’ Malware
The malware gives hackers the access to spread ads, write fake reviews and install apps without the user’s knowledge
The ‘Shopper’ malware keeps flashing ads every time the screen is unlocked by the user
Researchers from cybersecurity solutions provider Kaspersky, on Thursday (January 9), revealed that a new Trojan malware application called ‘Shopper’ has infected more than 14.23% Indian users. The malware boosts shopping app ratings, spreads ads, installs apps without the consent of the user. This malware also has the potential to spread false information through social media channels and other platforms.
According to Kaspersky, the Trojan-Dropper.AndroidOS.Shopper. has affected Russia (28.46%) the most between October and November 2019, followed by Brazil (18.70%) and India (14.23%).
Source: Kaspersky
Igor Golovin, a malware analyst at Kaspersky, explaining the malware app, said that once it is installed and given permission by the user to access the service, it instantly interacts with the system interface and applications and can even capture the information shown on the phone screen, press buttons and imitate user gestures. Alarmingly, the malware app gets hidden from the app menu.
The origin of Trojan-Dropper.AndroidOS.Shopper malware is unknown at this moment. However, Kaspersky claims that this may be downloaded by device owners from fraudulent click-bait ads or third-party app stores. It is present in the device under the name ‘ConfigAPKs.
How Does ‘Shopper’ Malware Work?
The malware present in the phone flashes ads automatically when the screen is unlocked by the user. It collects information about the victim’s device and sends it to the hacker’s servers immediately. Once received, the attacker then sends a command for the application to execute tasks.
The command then prompts the infected devices to use Google or Facebook account to register on shopping sites and entertainment platforms like Jabong, MakeMyTrip, Dailyhunt, Hotstar, AliExpress, Lazada, Shein, Alibaba, Joom, Zalora and Likee among others. It leaves reviews in Google Play on behalf of the user without their knowledge. It can also create shortcuts to advertised sites on the app menu and replace shortcuts to installed apps with shortcuts to advertised sites.
In addition to this, the ‘Shopper’ app can also turn off Google Play Protect, which is a safety feature to check the apps downloaded are genuine.
The Cyber Security Threat Is Real In India
Currently, there are over 400 Mn active internet users in the country. Majority of Indian users are first-time adopters of smartphones, digital platforms and apps. It becomes, even more, easier for hackers using malware app such as ‘Shopper,’ to fool people and steal sensitive data or information for their own selfish motives.
According to the Data Security Council of India (DSCI), India has been the second most cyberattacks affected country between 2016 to 2018. In a report called ‘Cost of a Data Breach’ by Michigan-based Ponemon Institute and IBM Security, it is revealed that in the past six years, the average cost of the data breach has been growing at a rate of 12% and it is costing companies around $3.92 Mn, globally.
Last year, India’s cybersecurity agency CERT-In said that less than 3K Indian customers were exposed to OnePlus security breach. The breach took place via ‘phishing emails,’ where the hackers collected users’ names, mobile numbers and addresses. However, OnePlus, at the time, claimed that payment information, password and account logins were safe.
