Android users, beware. According to Kaspersky Labs there is a new threat gathering for the mobile platform. This threat is known as Dvmap. It is different from all the malware we know and we hope that Google to protect us from it.
Since April 2017, Kaspersky has been tracking the distribution of a Trojan horse in the Play Store. Dvmap has since then remain hidden from Google’s protection and verification mechanisms by constant swapping clean code with harmful code and vice versa. The Bouncers, which was introduced in 2012 to keep malware from the Play Store, can be easily be tricked.
What we know about Dvmap latest android malware
Kaspersky Labs grouped this malware as Trojan.AndroidOS.Dvmap. This is a tricky form of malware, according to the experts. It tries to obtain root access in four various ways even with 64-bit compatible code.
The worse part of it is that, it injects harmful code into system libraries libandroid_runtime.so and libdmv.so.
Therefore, the Trojan horse triggers protection mechanisms to install and verify third-party apps. This is done by an administrator service called com.qualcmm.timeservices, which looks more similar to an authentic background service like com.qualcomm.timeservices. The difference between the two service names as it is a common trick employed by hackers and malware advertisers to trick users into trusting them.
Right now, a huge number of devices could be affected. But so far, only a maximum of 50,000 devices are reported to be affected. The malware could install third-party software on infected devices at a later date. The author can offers his ability for anyone interested on the black market.
Google can delete harmful apps from your device. Nevertheless, since the malware control the system libraries, it could stop Google from being able to do so, or report immediately to the malware’s author. The author could then install a various version of the malware in order to avoid the protection mechanism again.
Right now, only formatting the system partition and install the original firmware can save an affected smartphone. The only way to prevent this from happening is to have the latest security patches. Nevertheless, not everyone gets the updates, as manufacturers fear that if they do so they will not buy new phone.