The open-source Kotlin is an official programming language for Android. It is supposed to showcase a safety features in order to make the Android app clean by default. It is popular among developers and even Twitter and Netflix are among the 17 percent of Android Studio project users.
Since Kotlin has been released, according to malware researchers this is the first time the programming language has been used to design a malware that can be found in the Google Play Store. It is interesting enough to know that the malware is designed to steal information, run click fraud in the background and even sign up users to a premium SMS service all without the user knowing.
Trend Micro researchers have discovered this malware. They have said that this malicious app is pretending to be a utility tool for cleaning and optimizing Android devices and has been said to be downloaded up to 5,000 times.
Same as other malicious apps, it connects to a remote server. Later on it sends an SMS to a number provided by the server. This in turn will start URL forwarding to initiate the click fraud side of it.
Commands from the server are received which in turn executes a WAP (Wireless Application Protocol) routine which accessed the information over the wireless network. It also injects code for malicious JavaScript that silently accesses the data from the device.
After all of the things done in the background, it can upload information they have stolen from the device to the command and control server and run the subroutine which adds them up to a premium SMS subscription service that is ends up with the victim being charged without their permission. They will later learn that they have been charged for something they have not signed up for. This would reflect on their next phone bill.
The guys from Trend Micro has already informed Google about this malware.
A ton of effort has been done by Google to keep Android malware out of its app store, however, due to the sheer volume of apps, some were able to slip through. Some apps as simple as a flashlight has caused a lot of trouble for people after it had been downloaded and others are a lot more complex in nature.
There is no assurance that developers have good intentions while developing the app so we need to be vigilant always.
