In total, researchers have identified around 190 malware-infected games, some of which were designed to specifically target Russian users, whereas some targeted Chinese and foreign users.
Researchers from Doctor Web have shared details of a mobile campaign that infected at least 9.3 million Android devices. Reportedly, a new class of malware was used in this campaign, which was hidden inside dozens of strategy, arcade, and shooter games.
These games were available on Huawei’s AppGallery marketplace. The main objective behind this malicious campaign was to steal device info as well as the mobile phone number of the victim.
Doctor Web researchers have classified the trojan as Android.Cynos.7.origin because the malware is a modified variant of the Cynos malware. They identified around 190 malicious games, some of which were designed to specifically target Russian users, whereas some targeted Chinese and foreign users.
The Cynos program module can be integrated into Android apps and generate revenues for the attacker. This module was discovered in 2014; some of its versions implemented aggressive features, such as premium SMS sending capabilities, intercepting incoming SMS, downloading/installing other apps, downloading/launching additional modules,