Android Clicker Malware Installed 20 Million Times
Security researchers are warning Android users about a clicker Trojan that has managed to invade 16 applications on Google Play and had around 20 million installations. A clicker is a Trojan that stays in the system memory and tries to connect determined online sites constantly or routinely. Ill-minded hackers can use a Trojan clicker to generate monetary gain from forced or fake clicks in sponsored advertisements, boost visits to certain websites to increase their financial gains and induce computer users to download Trojans and other malware types
When the clicker Trojan we are talking about, which was named by security researchers as Android.Click.312.origin is initiated, it will execute an HTTP request to download its remote design. Then, it registers the FCM (Firebase Cloud Messaging) listener to get push messages. From there on, the clicker Trojan can start to execute the actions it was created to accomplish.
One of Android.Click.312.origin activities is the collection of crucial data, which includes the users' geolocation and time zone, OS version, Internet connection kind, model and manufacturer of the users' devices. The collected data will be sent to the Command and Control of Android.Click.312.origin developers
Although Google is aware of the situation and has removed the infected applications from Google Pl, the huge number of installations remains a problem because numerous Android users may not be aware of their devices' infection. This is why it is crucial to have an anti-malware program installed on your device, to avoid infections such as Android.Click.312.origin.