BEWARE! AbstractEmu Trojan sneaks into Google Play and can root your Android device


Share post:

Unknown attackers have publish several Trojanized apps into Amazon’s App Store, Google Play and Samsung’s Galaxy Store. Security researchers at the Lookout Threat Lab discovered a new rooting malware that affects apps on Google Play, Amazon Appstore and the Samsung Galaxy Store.

Large app stores such as Google Play actually want to use various security measures to prevent the entry of apps with malicious code. But obviously that doesn’t always work reliably. Lookout security researchers have come across dangerous Trojan apps in official app stores that can root Android devices. If this works, attackers usually have full control over devices.

AbstractEmu Trojan

Why is the trojan malware named “AbstractEmu”?

The trojan malware was “AbstractEmu” because it uses code abstraction and anti-emulation checks to avoid running while under analysis.

Lookout Threat Lab discovered 19 related applications, seven of which contain rooting functionality, including one on Play that had more than 10,000 downloads. To protect Android users, Google promptly removed the app as soon as the discovery was made and communicated.

AbstractEmu Trojan

The malware can take full control of your device!

Root users have access to all elements of the Android operating system. In this case, apps with malicious intent can bend all settings and activate permissions. The AbstractEmu Trojan should then have access to the microphone and the camera and be able to take screenshots.

What is Rooting?

Rooting is the process of gaining “root access” or privileged control over devices, most commonly Android smartphones and tablets. It enables a normal user to have administrator-level permissions to the operating system environment. In the case of Android devices, it helps in circumventing the security architecture, but if not done correctly, could potentially cause problems.

▶ Attackers could use rooting to gain access to passwords. In addition, it should be able to intercept SMS messages with codes from two-factor authentication (2FA). Equipped with this, attackers could, for example, gain access to accounts that are actually secured with 2FA.

▶ What exactly the criminals want to achieve with the Trojan apps is currently unclear. The security researchers assume that it is primarily about money. The campaign will be active in 17 countries around the world.

TIP: Avoid dubious apps for more security

Only install apps from trusted sources. This not only means the app store itself, but also the software manufacturer. 

▶ Here you should rely on well-known, reputable manufacturers. If a manufacturer name sounds unfamiliar to you, go for apps with a high number of downloads and good ratings. 

▶ You should not only look at comments in the app store itself, but also use the search engine to browse online forums or advice articles to get an idea of ​​the app’s reputation. Information about dubious apps usually spreads quickly on the web. 

▶ If in doubt, do not install it if you are unsure.

Tim Gumbert
Tim Gumbert
Tim is the go-to guy when it comes to finding all the gems regarding life as an Expat in Germany. His whole motto is discover Germany on your own and without a roadmap, explore new routes while climbing or mountain biking.


Please enter your comment!
Please enter your name here

Related articles

Grilling on the balcony in Germany – What is allowed and what is not allowed?

Summertime is grill timein Germany. And for some barbecue enthusiasts, it is barbecue season all year round. But you don't...

Is Delta Plus any more dangerous than Delta? Corona sub-variant continues to spread in Germany

A new variant of the coronavirus is first detected in Great Britain is increasingly being detected in Germany. How...

Poisonous sulfur cloud with EXTREME concentration over Germany – Concerned citizens call the weather service

A poisonous sulfur cloud is moving to Germany. It comes from the volcano on La Palma. The concentration is extremely...

Easiest way to get a Schengen visa: Which countries are the easiest to issue a Schengen visa?

According to the European Commission, almost 17 million applications for a short-stay visa (Schengen Visa C) were submitted...