This apparently harmless application on PDF, managed to take control of our mobile phone.
One of the basic rules to avoid infecting our mobile phone with malware is basically never install applications outside the Google application store, a seemingly simple advice, but that there are many users who do not follow the letter, but when you download a malicious application from Google Play and get infected, things are more serious.
Recently the website VirusTotal has located a threat in the form of a PDF reading and editing application (PDF +), which with a fairly simple procedure, was able to take control of the user’s device.
Although Google has already withdrawn it, it has previously been among the top positions in the productivity category, being downloaded more than 100,000 times.
When the application is installed, a pop-up window appeared inviting the user to install a Flash Player update using an external APK, and this is when the thing was already strange.
If the user decides to download it and grant the necessary permissions, the terminal will be infected. The banking trojan it asked for different accesses for the administration of the device, such as access to files, see the stored passwords or various accessibility issues to control the phone screen.
It is a new way that cybercriminals use to launch some type of malicious application that can take control of our device, through the official Google store, trying to know our access credentials to different banking applications.
If it sounds like you have had this application, you should check that it is not really installed. If you find it, first clear data and cache, and delete it.
On the other hand, it would be recommended that you also change the access codes to your different bank accounts, if you have these applications from your bank installed on the infected terminal.