Mobile malware, viruses, and trojans have become more common, and that fact serves as a good reminder to be a little cautious over what you do with your smartphone. One way of doing this is having a malware and virus scanner app installed on your device, and one of those is a well known option that also makes plenty of malware and virus scanner programs for PC’s, called Kaspersky. Kaspersky Labs has apparently stumbled upon a new type of mobile trojan that basically disguises itself as a harmless Tic-Tac-Toe game, which just puts things into perspective, that security risks like these can be tougher to spot then some might think.
Chances are though, that this particular game was not downloaded from the Play Store itself, so there’s one easy step you can take to ensure that you lessen your risk of coming across it or other apps/games like it. The trojan itself is called the Gomal Trojan, and it basically collects information and data about and from the devices that become infected with it, after which it sends that information back to a master server where the data is stored and be used for pretty much anything the hacker desires. The seemingly harmless game was found to have multiple spyware functionality features like stealing SMS messages, the ability to record sound, which is pointed out by Anton Kivva at Secure List as being fairly commonplace in this type of mobile malware these days, and that’s all in addition to the capability of being able to collect data and send it off to the main server where it can be stored.
It reportedly doesn’t just collect data about the user either, as it’s stated by Kaspersky that it can also collect the corporate data of the users employer. A big tip off for the team was making note of the permissions that the app was asking for, which prompted them to take a look into it, and that right there is the key. Look at the permissions especially if an app didn’t come from the Play Store. In this case, Kaspersky points out that the Tic Tac Toe game was sent to them for analysis, so it wasn’t something that they personally downloaded, you get the idea though. As a users it’s your personal responsibility to look over these details, which could prevent your phone or other devices from being infected with stuff like this. Interestingly enough, when analyzed, the game data was found to make up only 30% of the actual file, the remaining 70% of the executable file was spying functionality, which you can see in the image down below with the game code marked in green. If you haven’t realized it already, this is just another reason to try and be more aware.