Home GoAndroid Ztorg Malware Issue Grows on Google Play Store

Ztorg Malware Issue Grows on Google Play Store

Jun 20, 2017

If you have an Android device, you should know about the latest malware to be problematic for the system. The latest malware problem is known as Ztorg, and it has been infecting several apps found on Google Play Store. As we have reported several times before, malware is a huge problem for the Android operating system.

The newest malware, known as Ztorg, is a potentially very dangerous family of malware. Read on to learn more about which new apps Ztorg was found to be in and how this latest malware can impact you on your Android device.

Ztorg Malware Found in Magic Browser

The news coming out today was that the Ztorg malware was just found in Magic Browser, which already has been downloaded over 50,000 times. Google has just removed the Magic Browser app from Google Play Store after being alerted that Magic Browser contains the Ztorg malware.

This is the second time in a month that Google has had to go in and remove an app due to it containing this dangerous type of malware. It was a security researcher from Kaspersky Lab, Roman Unuchek, who found the malware hidden inside of this pretty popular app on Google Play Store.

The researcher was able to find the code embedded in Magic Browser that would allow for someone, such as a hacker, to take complete administrative control at the root level of the infected Android device. Not only had Magic Browser already been downloaded over 50,000 times before the Ztorg malware was found hidden within it, but it was also disguised in a way to make people want to download it. Magic Browser was supposed to be a similar web browser to Google Chrome, and this alone is what made people want to download the infected app.

Another app that was found to contain Ztorg was Noise Detector. Thankfully, Noise Detector was not very popular and has only been downloaded about 10,000 times. Still, that is 10,000 people who could potentially be infected with the Ztorg malware. Noise Detector was kind of a weird app that basically would measure sound decibels, so it was a niche type of app. Magic Browser on the other hand, was definitely an app that people would be interested in so the risk of infected devices is a lot higher.

Ztorg Malware is Potentially Very Dangerous

When it comes to what Ztorg malware does, it basically will go in and exploit the vulnerabilities in Android in order to root the device. The apps are much harder to remove from the infected device, and it gives the person on the other end, such as a hacker, total control over the device since it goes after the administrative privileges. Privacy Lock, which was another app to have found to contain Ztorg, was a very popular app on Google Play Store.

Privacy Lock ended up with over 1 million downloads before Google had a chance to remove the app from Google Play Store. Privacy Lock was just removed last month, and there was a Pokemon Go guide app last year that also contained Ztorg. The Pokemon Go guide app ended up being downloaded over 500,000 times before Google was able to remove it.

Ztorg is what is known as a malicious rooting malware, and the apps infected with the coding can basically ruin the Android device. The apps are actually able to overwrite the folders and files that are critical for the Android device to run properly, which is how administrative privileges end up being granted and the devices are able to be rooted. The only real good news here is that both Noise Detector and Magic Browser were not able to root the Android devices itself, but the digital fingerprint of Ztorg was found within the coding.

For the security researchers, that means that the person who was responsible for developing the app had been getting ready to add the Ztorg malware to the apps. The researcher who found out about Magic Browser said that the app was in the process of either testing or actually using the text-messaging functions for malicious purposes.

That was the good thing with the researcher finding out about Magic Browser when he did, because it appeared the Ztorg malware was not fully installed on the app just yet. It does appear testing was going on when it was found. Hopefully, finding the Ztorg malware so early on in the app means that people will not be negatively impacted. If you have this app or Noise Detector on your Android device, you should immediately delete the app so that it does not cause problems for you down the road.