This article is more than 1 year old

Google AdSense abused to distribute Android spyware

Svpeng Trojan incoming!

A banking trojan targeting Android users is spreading through malicious ads as part of an ongoing campaign.

The scenario by which the malware spreads is all too familiar to long-suffering Windows fans, but may well come as an unpleasant shock to smartphone users.

Worse yet, Android users can get infected by the Svpeng Trojan simply by visiting mainstream websites, as researchers from Kaspersky Lab explain:

By simply viewing their favourite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking Trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q. There you are, minding your own business, reading the news and BOOM! – no additional clicks or following links required. And be careful – it’s still out there!

The malicious code is downloaded via the Google AdSense advertising network. The same tactic was used to spread the Svpeng Android banking trojan via the Meduza news portal last month.

Svpeng intercepts banking-related SMS messages as well as launching phishing Windows on compromised smartphones. In addition, Svpeng siphons off all manner of private information from infected smartphones, including call history, text and multimedia messages, browser bookmarks and contacts. ®

More about


Send us news

Other stories you might like