Following the footsteps of Apple’s homegrown Swift programming language for developing iOS apps, Kotlin has been growing at a fast pace (here’s why you should learn it). This doesn’t mean that all Kotlin developers are learning it with an aim to code safer and faster Android apps.
A new report from Trend Micro states the discovery of a new malicious app named ANDROIDOS_BKOTKLIND.HRX. This app is actually the first malware coded in Kotlin. At the moment, it’s not known if Kotlin’s advanced and user-friendly features have made a difference while creating malware.
The samples of the malware were spotted in Swift Cleaner, which poses itself as a tool for cleaning and optimizing your slow Android smartphones. Thankfully, the app has just 1,000-5,000 installations. However, it has some dangerous tricks up its sleeve.
Kotlin malware has dangerous capabilities
This Kotlin-based malware has the capability of remote command execution, SMS sending, URL forwarding, information theft, and click ad fraud techniques. Moreover, Swift Cleaner can sign up you for premium SMS-based services without your permission.
When the app is launched, the malware sends the device information to the remote server and kicks off the background services to get instructions from C&C server.
By uploading the information of user’s service provider and login information as well as CAPTCHA to C&C server, the malware automatically processes the subscription to premium SMS services.
The users are advised to take the recommended security methods and only download the trusted mobile apps. The hackers improving their game with new technologies and you shouldn’t remain ignorant.