The Svpeng is an Android Trojan, or a piece of malware, which sneaks onto smartphones and tablets and runs some harmful code. The Svpeng was first time appeared about a year ago, from that it has been just one of many SMS-based banking Trojans, which can steal money from SMS banking accounts in Russia and generally wreaking minor have on the Android eco-system.
But from the past year, little Svpeng (Android Trojan) has grown up. Now there are various versions of Svpeng can target mobile banking apps, disguise themselves as the Google Play store and even lock up infected phones and hold them for ransom. Now the little Svpeng has moved out of its home in Russia and is now infecting other Android devices across the world, especially in the United States.
The famous Antivirus manufacturer Kaspersky Lab first detected this Android Trojan. According to the Kaspersky Lab the Svpeng has gained the ability to remain hidden, even on the infected phones until the Smartphone users access certain mobile banking apps on its phone. The Svpeng has an ability to block those official banking apps from opening, and instead of that this malware has launched a fake interface, which is designed to look like the real app. The Svpeng has prompted the users to enter their banking credentials, that were sent on to the criminals which works behind to the malware.
This Android Trojen Svpeng has also done similar kind of thing with the Google Play store. When a user whose Android Smartphone is a Svpeng-infected phone and tapped to open the Google Play app, then that time the Svpeng has launched an overlay which is designed to look like an authentic part of the app, and asked to the users to “re-enter” the credit-card numbers or other financial information. Now the Svpeng is incorporating some ransomware features specific to “police Trojans.”
Svpeng would replace the regular Android screen with a message, allegedly from local law enforcement, claiming that the phone’s owner had been caught viewing child pornography and would need to pay a fine of $500 in order to unlock the phone.
The Kaspersky Lab has also said that the new version of Svpeng got a makeover in looks as well as strength : Its screen overlay stops Android users from accessing any other device functions, and is difficult to circumvent because the malware launches upon reboot.The Kaspersky has also said that, 91 percent of the devices infected by this new Svpeng ransomware variant were located in the U.S., and it’s also been detected on phones in the United Kingdom, Switzerland, Germany, India and Russia starting affecting.
Kaspersky Lab has also found the evidence in Svpeng’s code, which the criminals might be prepping it to encrypt an infected phone’s files, and thus making the files inaccessible even if the devices are rebooted in the safe mode also.