A new Tordow style Trojan is playing very quickly among unofficial Android stores like Mobogenie, Aptoide or BlackMarket. It is being detected in many installations. In the style of Tordow, it manages to root in our phone to remove from any important information such as banking details.
An exploit is a piece of software and / or actions, used in order to exploit a security vulnerability to achieve an unwanted behavior of the same
Tordow is very dangerous, but the “good” is that it has not left Russia. In contrast this other virus, technically called as Android.BankBot.149.origin itself is available in more “Western” app stores. That is why we ask that you don’t download applications from unofficial markets, because not only will you infect yourselves, but also help you possibly to have this Trojan infect.
Root access itself is dangerous because any malicious application can take advantage of it, this Trojan is even more so because we would not know that they are stealing the data. It is not like the traditional root that asks us for permission whenever an application wants to use it; Is a root that activates without us giving it permission. The application itself will be able to give itself administrator permissions.
Unfortunately the code has been published on different Internet websites, so it must already be all over the network. Most likely, the code corresponds to the one of Tordow or that in its defect is an alternative version. Many of the Trojans are “opensource” and anyone can modify them, as is the case here.