Home Malware Programs Malware LeifAccess

LeifAccess

Posted: March 9, 2020

LeifAccess is the name of an Android Trojan that is being spread via bogus Android applications that may be hosted on the official Google Play Store or on 3rd-party Android application download platforms. It also is possible that the authors of the LeifAccess may be using misleading advertisements and fake downloads to convince more users to download and run the nefarious program.

Once LeifAccess is launched, it may display several prompts that ask the users to enable the application they just downloaded to utilize some of Android's embedded accessibility features – these are usually meant to help disabled users, but they are often abused by threatening Android software since these features might enable a remote attacker to mimic user interaction easily.

LeiftAccess may be Used to Boost the Reputation of Malware-Ridden Android Applications Artificially

The primary purpose of the LeifAccess Trojan is to improve the ratings and download count of Google Play Store applications artificially by using the victim's device to generate five-star ratings and reviews, as well as downloads. In addition to this, LeifAccess may be able to create multiple fake profiles on the compromised device, therefore allowing it to maximize the efficiency of its click-fraud campaign.

Although LeifAccess' main focus is boosting the reputation of selected applications artificially, it also has other Trojan-like features that may enable it to plant additional malware. In addition to this, LeifAccess engages in ad-fraud activity – it can use the Android notification bar to inject fake error messages, which, when clicked, take the users to the download page of a dodgy smartphone optimizer app.

The best way to protect your Android devices from threats like LeifAccess is to enable the protection features offered by popular Android security software applications.

Loading...