Researchers have discovered a fake utility app called Swift Cleaner that they believe may be the first Android mobile malware developed using the open-source Kotlin programming language.
Found on Google Play, the malware was disguised as a tool called Swift Cleaner, which has been installed between 1,000 and 5,000 times, according to a Jan. 9 blog post from Trend Micro. The fake app purports to perform such helpful tasks as system and cache cleaning and memory optimization, but in truth it is capable of malicious remote command execution, information theft, unauthorized SMS sending and URL forwarding, and click/ad fraud. It also signs up unwitting users for premium SMS subscription services without permission.
Lorin Wu, a mobile threats analyst with Trend Micro, reports in the blog post that Google was notified of the threat and responded by verifying that Google Play Protect has safeguards in place to protect users from the malware family in question. Wu did not indicate, however, whether the app itself was removed from the store. SC Media has reached out to both Trend Micro and Google for further elaboration.