The major attack, having affected more than 318,000 users, has finally been ground to a halt. On an interesting note, only Russian users had been targeted. Namely, the users, who had set the Russian language as the default UI (user interface) language on their mobile devices. The culprit of this Android attack was the Svpeng Android banking trojan. The trojan exploited the vulnerability of the Google Chrome browser of the mobile devices.
The executable file of Svpeng was named the following (the extension .apk here stands for the Android app files):
It is important to mention that the numbers of victimized users may possibly be lower. The reason for that is that the downloaded APK files needed to opened in order the trojan would be able to run on the system.
The cyber security researchers from Kaspersky Lab have stopped this attack from proliferating even further. They notified Google about the vulnerability, which employees released the Chrome update for Android devices. This update is aimed at the auto-downloading behavior of the browser of the Android mobile phones. Thus, the Svpeng trojan is now incapable of pursuing the attack. The onslaught lasted from August to November – around three months.