The malware name might looks strange to you but bear with me that is very dangerous and is the first malware with code injector. This malware was also called Trojan by Kaspersky Lab products because it insert its modules into the system and injects malicious code into the system runtime libraries.
We all know Google playstore as the most trusted place where Android users installs trusted and malware-free applications but this Trojan or Dvmap malware injects malicious code into the system libraries in runtime, and up to 50,000 people downloaded it. Luckily, that Kaspersky Lab reported the Trojan to Google, and it has now been removed from the store.
How The Trojan Or Dvmap Works
The Trojan used a very interesting method and technique to bypass the Google Playstore security check by uploading a clean app to the store at the end of March, 2017, and would then update it with a malicious version for short period of time. Usually they would upload a clean version back on Google Play the very same day. They did this at least 5 times between 18 April and 15 May.
All the malicious Dvmap apps had the same functionality. They decrypt several archive files from the assets folder of the installation package, and launch an executable file from them with the name “start.”
Since it injects a malicious code in the library, you won’t be able to get update on Google playstore but rather installing different versions of malware.
How To Prevent Your Phone From The Malware
Do not download files (musics, videos, games and others) from untrusted sites. If your phone is affected, kindly factory reset your phone or Install a new firmware.
Is it helpful?