{"id":12725,"date":"2017-07-24T12:36:16","date_gmt":"2017-07-24T17:36:16","guid":{"rendered":"https:\/\/www.psafe.com\/en\/blog\/?p=12725"},"modified":"2017-08-01T23:23:37","modified_gmt":"2017-08-02T04:23:37","slug":"trojanflyer-infect-120000-android-users","status":"publish","type":"post","link":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/","title":{"rendered":"TrojanFlyer Malware Infects 120,000 Android Users"},"content":{"rendered":"<p><b>PSafe\u2019s Threat Analysts<\/b><span style=\"font-weight: 400;\"> have discovered a malicious malware that infected at least 8 apps in <em>Google Play<\/em>. The malware, named <strong>TrojanFlyer<\/strong>, affected at least 120,000 Android users, possibly more.<br \/>\n<\/span><span style=\"font-weight: 400;\"><br \/>\nThe mistake that app users make is assuming that only one or two apps are infected, concluding that suspicious apps fall into the same category on <em>Google Play<\/em>, or are produced by the same developer.<\/span><\/p>\n<p>Not so with <strong>TrojanFlyer<\/strong>. In this latest attack, cyber criminals used clever methods by corrupting several\u00a0apps in different categories carrying the same malware.<\/p>\n<p>These developer names popped up across the 8 apps: Chet Grode, DenSavin, Lakov Kay. The apps were a QR code reader, wallpaper, battery optimizer, and photo galleries of beautiful women.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-12924\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer2.png\" alt=\"TrojanFlyer2\" width=\"601\" height=\"430\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-12921\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer1.png\" alt=\"TrojanFlyer1\" width=\"600\" height=\"311\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-12974\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/Trojan-14.png\" alt=\"Trojan-14\" width=\"599\" height=\"688\" \/><\/p>\n<p>These 8 app packages were the culprits:<\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">com.appmasteringsoft.qrcodefree<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">com.boxedstudiolow.wallhdplus<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">com.lightboostcleaner.app<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">com.ivoice.voicecallsrecorderapp<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">com.microtikappstudio.wallalbumsfree<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">vn.smartringtonesapp<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">com.exfrontvisuals.hdimagesfree<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">com.esterightsapps.wallcollectionfree<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">After users initially downloaded these apps, they behaved normally, while in the background the malware was already running, using a service to start the APP which takes over a user\u2019s entire operating system. <\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The malware used a developer&#8217;s tool called AlarmManager to monitor if a smartphone is turned on and has a WiFi connection. Once an Internet connection is established, hackers download the second part of the malware:<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-12934\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer-3.jpg\" alt=\"TrojanFlyer-3\" width=\"600\" height=\"174\" \/><\/p>\n<p><span style=\"font-weight: 400;\">Next, the malware gained further control by asking users for unusual permission requests:<\/span><\/p>\n<blockquote><p>android.permission.READ_CALL_LOG<br \/>\nandroid.permission.READ_CONTACTS<br \/>\nandroid.permission.READ_EXTERNAL_STORAGE<\/p><\/blockquote>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12940\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer-4.jpg\" alt=\"TrojanFlyer-4\" width=\"600\" height=\"96\" \/><\/p>\n<p>In order to take over an\u00a0entire device, the model, brand and Android version are fed to a server and a jar file is downloaded to the application folder:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12945\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer-5.png\" alt=\"TrojanFlyer-5\" width=\"600\" height=\"210\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12946\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer-6.png\" alt=\"TrojanFlyer-6\" width=\"600\" height=\"427\" \/><\/p>\n<p>And then a full take-over can begin.\u00a0The malware\u00a0starts\u00a0to receive commands from a\u00a0server hosted in downloadh.pw:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12949\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer-7.png\" alt=\"TrojanFlyer-7\" width=\"600\" height=\"106\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12950\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer-8.png\" alt=\"TrojanFlyer-8\" width=\"600\" height=\"165\" \/><\/p>\n<p>New native codes are initiated:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12956\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer-9.png\" alt=\"TrojanFlyer-9\" width=\"600\" height=\"116\" \/><\/p>\n<p>Finally, those compromised permissions are accessed, such as the contact list:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12959\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/Trojan-10.png\" alt=\"Trojan-10\" width=\"600\" height=\"108\" \/><\/p>\n<p>Call history:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12962\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/Trojan-11.png\" alt=\"Trojan-11\" width=\"600\" height=\"248\" \/><\/p>\n<p>SMS history:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12965\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer-12.png\" alt=\"TrojanFlyer-12\" width=\"600\" height=\"229\" \/><\/p>\n<p>Number of photos and photo storage:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12971\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer-13.png\" alt=\"TrojanFlyer-13\" width=\"600\" height=\"238\" \/><\/p>\n<p><span style=\"font-weight: 400;\">The scary result is criminals had full control of a smartphone with <strong>TrojanFly<\/strong>, being able to access personal information, private photos, make calls, send text messages, or infiltrate banking apps.<\/span><\/p>\n<p>With the latest Android 6.0\/7.0 updates, permissions for your apps has certainly changed, but always be cautious which permissions you allow. Ensure the permissions fit the purpose of the app.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-12734\" src=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/reviews-google-play.png\" alt=\"reviews google play\" width=\"615\" height=\"161\" \/><\/p>\n<p>If you\u2019re being asked for access to your contacts list, for example, and you\u2019re unsure, always delete the app immediately and activate a trusted antivirus app.<\/p>\n<p><span style=\"font-weight: 400;\"><strong>PSafe\u2019s DFNDR security app<\/strong> deters 65,000 instances of malware and 700,000 suspicious links a day. We strive to offer the most robust protection for your Android device. Find our full suite of products on the <\/span><a href=\"https:\/\/play.google.com\/store\/apps\/dev?id=6983664378165836486&amp;hl=en\"><span style=\"font-weight: 400;\">Google Play store<\/span><\/a><span style=\"font-weight: 400;\"> now.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The DFNDR Research Lab has discovered an insidious malware. Learn which apps to avoid on Google Play and how to protect your device.<\/p>\n","protected":false},"author":83,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"image","meta":{"footnotes":""},"categories":[5],"tags":[4473,1053,4476],"class_list":["post-12725","post","type-post","status-publish","format-image","hentry","category-security","tag-android-users","tag-google-play-store","tag-trojanflyer","post_format-post-format-image"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>TrojanFlyer Malware Infects 120,000 Android Users - PSafe Blog<\/title>\n<meta name=\"description\" content=\"Our Threat Analysts have discovered a vicious new malware.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"TrojanFlyer Malware Infects 120,000 Android Users - PSafe Blog\" \/>\n<meta property=\"og:description\" content=\"Our Threat Analysts have discovered a vicious new malware.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/\" \/>\n<meta property=\"og:site_name\" content=\"PSafe Blog\" \/>\n<meta property=\"article:published_time\" content=\"2017-07-24T17:36:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-08-02T04:23:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer2.png\" \/>\n<meta name=\"author\" content=\"PSafe Newsroom\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/\"},\"author\":{\"name\":\"PSafe Newsroom\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#\\\/schema\\\/person\\\/1c3c9cd7f8f7ff5b8e8071d39226b99d\"},\"headline\":\"TrojanFlyer Malware Infects 120,000 Android Users\",\"datePublished\":\"2017-07-24T17:36:16+00:00\",\"dateModified\":\"2017-08-02T04:23:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/\"},\"wordCount\":446,\"image\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/wp-content\\\/uploads\\\/2017\\\/07\\\/TrojanFlyer2.png\",\"keywords\":[\"Android Users\",\"google play store\",\"TrojanFlyer\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/\",\"url\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/\",\"name\":\"TrojanFlyer Malware Infects 120,000 Android Users - PSafe Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/wp-content\\\/uploads\\\/2017\\\/07\\\/TrojanFlyer2.png\",\"datePublished\":\"2017-07-24T17:36:16+00:00\",\"dateModified\":\"2017-08-02T04:23:37+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#\\\/schema\\\/person\\\/1c3c9cd7f8f7ff5b8e8071d39226b99d\"},\"description\":\"Our Threat Analysts have discovered a vicious new malware.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/wp-content\\\/uploads\\\/2017\\\/07\\\/TrojanFlyer2.png\",\"contentUrl\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/wp-content\\\/uploads\\\/2017\\\/07\\\/TrojanFlyer2.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/trojanflyer-infect-120000-android-users\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"In\u00edcio\",\"item\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"TrojanFlyer Malware Infects 120,000 Android Users\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/\",\"name\":\"PSafe Blog\",\"description\":\"Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#\\\/schema\\\/person\\\/1c3c9cd7f8f7ff5b8e8071d39226b99d\",\"name\":\"PSafe Newsroom\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g\",\"caption\":\"PSafe Newsroom\"},\"description\":\"The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.\",\"url\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/author\\\/newsroom-psafe\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TrojanFlyer Malware Infects 120,000 Android Users - PSafe Blog","description":"Our Threat Analysts have discovered a vicious new malware.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/","og_locale":"en_US","og_type":"article","og_title":"TrojanFlyer Malware Infects 120,000 Android Users - PSafe Blog","og_description":"Our Threat Analysts have discovered a vicious new malware.","og_url":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/","og_site_name":"PSafe Blog","article_published_time":"2017-07-24T17:36:16+00:00","article_modified_time":"2017-08-02T04:23:37+00:00","og_image":[{"url":"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer2.png","type":"","width":"","height":""}],"author":"PSafe Newsroom","twitter_misc":{"Written by":false,"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/#article","isPartOf":{"@id":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/"},"author":{"name":"PSafe Newsroom","@id":"https:\/\/www.psafe.com\/en\/blog\/#\/schema\/person\/1c3c9cd7f8f7ff5b8e8071d39226b99d"},"headline":"TrojanFlyer Malware Infects 120,000 Android Users","datePublished":"2017-07-24T17:36:16+00:00","dateModified":"2017-08-02T04:23:37+00:00","mainEntityOfPage":{"@id":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/"},"wordCount":446,"image":{"@id":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/#primaryimage"},"thumbnailUrl":"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer2.png","keywords":["Android Users","google play store","TrojanFlyer"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/","url":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/","name":"TrojanFlyer Malware Infects 120,000 Android Users - PSafe Blog","isPartOf":{"@id":"https:\/\/www.psafe.com\/en\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/#primaryimage"},"image":{"@id":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/#primaryimage"},"thumbnailUrl":"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer2.png","datePublished":"2017-07-24T17:36:16+00:00","dateModified":"2017-08-02T04:23:37+00:00","author":{"@id":"https:\/\/www.psafe.com\/en\/blog\/#\/schema\/person\/1c3c9cd7f8f7ff5b8e8071d39226b99d"},"description":"Our Threat Analysts have discovered a vicious new malware.","breadcrumb":{"@id":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/#primaryimage","url":"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer2.png","contentUrl":"https:\/\/www.psafe.com\/en\/blog\/wp-content\/uploads\/2017\/07\/TrojanFlyer2.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.psafe.com\/en\/blog\/trojanflyer-infect-120000-android-users\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"In\u00edcio","item":"https:\/\/www.psafe.com\/en\/blog\/"},{"@type":"ListItem","position":2,"name":"TrojanFlyer Malware Infects 120,000 Android Users"}]},{"@type":"WebSite","@id":"https:\/\/www.psafe.com\/en\/blog\/#website","url":"https:\/\/www.psafe.com\/en\/blog\/","name":"PSafe Blog","description":"Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.psafe.com\/en\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.psafe.com\/en\/blog\/#\/schema\/person\/1c3c9cd7f8f7ff5b8e8071d39226b99d","name":"PSafe Newsroom","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g","caption":"PSafe Newsroom"},"description":"The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.","url":"https:\/\/www.psafe.com\/en\/blog\/author\/newsroom-psafe\/"}]}},"_links":{"self":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/12725","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/users\/83"}],"replies":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/comments?post=12725"}],"version-history":[{"count":0,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/12725\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/media?parent=12725"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/categories?post=12725"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/tags?post=12725"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}