According to Kaspersky, the malware which is called Dvmap has
been on the playstore since April of this year 2017 and it has been able
to hide from Google’s protection and verification mechanisms for this
long by regularly swapping clean code with malicious code and vice
versa.
Once the malware is installed on your phone, the first thing it does is
to try and gain root access by using four different methods. Once this
is done and some malicious code are injected into your system library,
the malware can install third party apps on your phone at any time.
At the moment, only about 50,000 device have reportedly been infected
and the number can be on the rise unless Google is able to quickly track
down the malicious app.
Google introduced some bouncers in form of bots on the playstore in 2012
to help keep out malicious apps. Once any malicious app is detected,
Google can take them down from the app store and remotely uninstall them
from infected devices. But since this malware manipulates the system
library, it will make it difficult for Google to do so as the author can
decide to install a different version of the malware just to escape
Google's protection mechanism. Infected devices might end up
reinstalling their phones firmware entirely.
Pls dont forget to share this post with your friends