Cybercriminals are now targeting Android devices to inflict their next phase of ransom activities on unsuspecting victims. Kaspersky Lab engineers discovered Ztorg malware is hidden inside apps on the Google Play Store and by installing their malicious code in stages and wrapping a Trojan SMS around an encrypted rooting Trojan. The attackers then used the Trojan SMS to make money from victims through Premium-rate SMS while they waited to execute the rooting Trojan. More than 50,000 times of these inflicted app has been downloaded since.

While these apps have been removes, the determination of cybercriminals to infect Android devices with Ztorg malware through the store shows no signs of slowing down, with attackers constantly adapting their tools and techniques to avoid discovery.  Users are advised to be cautious when downloading suspicious apps from the Play Store and always conduct constant clean up f their devices using suitable security software.