Krysanec Trojan Hiding In Legitimate Android Apps

Robert Lipovski, a malware researcher at ESET, recently discovered a new remote access Trojan which roams the Android world, masquerading as legitimate apps. This spyware called Krysanec embeds malicious content in genuine applications, so that it can take control over several functions of your device.

The most common way to get infected with this RAT (remote access Trojan) is by downloading and installing apps from shady sources. Mister Liposvski's report states that the cracked versions of popular paid applications are the ones most likely to spread the infection to your device. At the moment, the backdoor Trojan is spreading through various sources that range from warez (sites with pirated content, cracks and serial keys) to social networks.

Once installed on your device, Android/Spy.Krysanec will harvest information and obtain backdoor access to a wide variety of functions and modules such as your camera, calls log, GPS location, microphone, list of installed applications, contacts list, saved SMS, browser history, etc. ESET's researcher went on to say that the best way to avoid this type of infection is to download apps only from trust sources such as the Google Play Store and, of course, didn't fail to notify us that ESET Mobile Security can help against this kind of threat.

Now seriously, several days ago a report which turned up to be covert advertising told us that Russian hackers amassed over 1 billion account credentials, yesterday or the day before a Cheetah Mobile Security representative announced a Facebook Color Changer pandemic for Android and now ESET reveals a new backdoor Trojan. Is there something more going on here or are all the hackers in the world returning at once from their summer holidays?

Source: ESET blog post.


Precaution is better than cure.
Download an antivirus and keep updating its definition.
What can we do more?

 –  5 years ago  –  Was it helpful? yes | no (0)