TrustGo Security Labs uncovered a new android virus on Google Play on 17th October and reported to Google.
The malware dubbed as FakeLookout.A steals sensitive personal information including SMS , video files, files on the SD card and transmits them to a remote FTP Server.
The researcher successfully gained access to the FTP server and discovered the stolen files. Based on IP address, the server is located in Colorado in the United States.
After further investigation, Researcher found that the cyber criminals also host a malicious website that drops a backdoor trojan and runs shell code in Windows Powershell.
The site targets multiple OS including Windows , Mac, and Unix/Linux. Depending on the user's platform, it drops different malware.
Within hours of notifying Google , the malware was removed from the Store, according to TrustGo blog post.
