KevDroid – Malware for Android

Due to the increasing number of smartphone users, many hackers have decided to focus their efforts on creating newer and more advanced malware viruses for Android devices. One of the most recent examples of a newly released malware for Android is a virus called KevDroid which has been detected by Cisco Talos cyber-security researchers. According to their remote, KevDroid is a Trojan for Android devices such as smartphones and tablets that is capable of conducting espionage on the devices’ users and collecting sensitive personal data. This particular virus is referred to as a RAT (remote administration tool) and it allows its creators to gain significant privileges on the infected device. So far, the malware seems to be getting distributed disguised as a fake antivirus for Android named Naver Defender. Users are advised to keep away from this deceitful app if they ever come across it as this is currently the main source of the KevDroid virus.

Capabilities of the Malware

According to the researchers at Talos, there are two separate variants of the virus. The first one has abilities such as acquiring extensive information about the user’s device such as phone number, installed apps, call logs, SMS history, contacts, location, photos, e-mails, etc. Also, it is said to be capable of secretly recording calls made to and from the device. The second variant of the malware goes even further in its insidious activities – aside from being able to conduct the same tasks as the first variant, this one could also record through the device’s camera and mic, access the browsing history and even steal data from the device as well as gain root access.

Also, it needs to be mentioned that a similar malware virus has been reported to Windows computers which seems to share a lot of its characteristics with the KevDroid for Android.

Protection and security

As is with most malware viruses for Android, this nasty Trojan too relies on tricking the user into downloading and installing some seemingly legitimate app which is actually used as a carrier for the malware. In this case, as we mentioned, the app responsible for this infection is a fake AV called Naver Defender. However, this doesn’t mean that the virus cannot get to you through some other sketchy application. That is why, in order to keep your Android device safe, the two main rules that you’d need to employ are to always download new apps only from reputed sources and also to only always look up any new application in order to see what comes up and if there’s anything potentially suspicious about the app before you install it on your smartphone or tablet.


Leave a Comment