A pirated Credo Murderer application for Android version is included with the malware according to the security service-as-as-Zscaler.
Assassins Creed is a popular series of open-world adventure games available in several iterations on the Xbox, PlayStation, PC and other gaming platforms.
There are also premium Murderer Credo applications for Android. However, users who want to download a free version of this application pirate can find their Android devices silently infected with a piece of malware mobile banking.
The Trojanized variety of Credo Murderer application has the potential to be very powerful, because when a user downloads it, what he or she is actually the download is malware. The malware in turn download a fully functional version, pirates of the actual application. The game app works as advertised, so the standard mobile player will have a hard time realizing that the package has been downloaded is malicious.
The attack is particularly timely during this holiday shopping season, and a number of retailers are bundling the last, XBOX An edition of the series with the newest Microsoft game console. The XBOX One is probably one of the most popular gifts this season, especially between consoles, as reports began to emerge last night that Microsoft game console outsold Sony PS4 in November.
The malware, according to Zscaler, has the ability to send text messages to several parties, texts victim harvest stolen devices and send command to a server and remote data. C & C servers are hard coded in applications as bnk7ihekqxp [.] Net and googleapiserver [.] Net.
"We were able to locate phone numbers belonging to Russian bank Volga-Vyatka Bank of Sberbank of Russia in the code of the malicious application for SMS messages were intercepted to steal sensitive information," the researchers wrote Zscaler. "Another interesting feature we saw is the use of AES encryption for all communication C2. Also harvest and identification number of the mobile subscriber information from the victim device for monitoring".
The application requests a number of permits that include the ability to access the state network, obtain accounts, access the Internet, outgoing calls the process, read external storage, read phone state, read SMS, received boot completed, receive SMS, send SMS, lock wake, write to external storage and write SMS.
MD5 information is available on VirusTotal. The application itself weighs 3.25 MB and the file is called assassins_creed.apk with the name of dsifakf.aoakmnq package.com
If users stick to the official Google Play store and avoid downloading pirated applications, then you will not have to worry about downloading this particular malware.
Image courtesy of Google Play Store