ESET warns of the emergence of a new malicious program aimed at mobile devices running Android operating systems.

Malware, called Android / Charger. B, was found in the Google Play store. The Trojan is disguised as a flashlight application Flashlight LED Widget. But nothing prevents hackers from distributing the program under the guise of other applications and utilities. In addition, malware with a high probability of spreading through the informal stores of Android-applications.

After installation and startup, the program asks for device administrator rights and permission to open windows on top of other applications. Next, the trojan sends information about the device to the command server, including a list of installed applications, as well as the owner's photo taken by the front camera.

The main task of the malware is stealing passwords from applications of banks and social networks, in particular Facebook and Instagram. When the victim launches an attacker's application, a fake window appears for entering data. Logins, passwords or bank card data entered in the phishing window will be sent to the attackers.

Trojan can block the device screen, displaying a message about downloading updates. Experts assume that this function is used for theft of funds from the account.