Devices running the Android operating system are affected by a modified version of the Tordow malware. The original malware was released at the start of Q1.
The base version of the malware tries to gain root privileges to steal your passwords.
It is a trojan horse that attempts to get full control and then perform tasks such as controlling phone calls and SMS; it will even try to install apps and rename core Android files.
How does the malware enter the phone
The malware spreads through apps downloaded from third-party sources, so we suggest staying away from those stores and downloading apps from sources that you trust, which reduces the probability of your being affected by the malware.
Comodo says attackers download these apps, reverse-engineer them to inject the malware, and then reupload the apps to the stores. Titles such as Pokemon Go, Telegram, and Subway Surfers have already been infected, so you had better stick to the official Play Store to remain secure.
Since they are delivered as APK files, these applications can also spread via social media or other sites, so it’s important to always download from sources that you can trust.
How does it enter your phone
Once the app is installed on the victim’s phone, it tries to gain root privileges and establishes a connection to the command center to await further instructions.
Attackers can then execute any command they want on your phone. The malware has mostly targeted the banking apps on your phone and your financial information.
Removing Tordow from an infected device is particularly difficult since it gets root access, so flashing a new firmware might be the best way to do it, as deleting the source app that led to the infection does virtually nothing.