
Android users are still not immune to viruses, even if they use official Google apps
What is known
The malicious programs turned out to be Camero,FileCrypt Manager and Call Cam. According to the source, the SideWinder group of hackers, who have been operating since 2012, is related to the applications. These provisions have been active since March 2019, but have now been removed from Google Play. If you keep the listed programs on your smartphone or downloaded them from unverified sources, then it is better to get rid of them.

</ img>
SideWinder brings malware to smartphonesin two stages. First, Camero or FileCrypt Manager downloads the DEX file (Android file format) from its own command and control server. After that, the said file downloads another one in APK format and installs it without the user's knowledge. To install covertly, the program uses obfuscation, data encryption, and dynamic code calling.

</ img>
After downloading the additional DEX file,the program (Camero or FileCrypt Manger) installs and launches the callCam application. Still without the user's knowledge, and the program icon is hidden after launch.
CallCam collects the following information:
- Location
- Battery status
- Files on the device
- Installed Applications
- Information about the device
- Sensor Information
- Camera information
- Screenshots
- Account
- Information about Wi-Fi
- Data from WeChat, Outlook, Twitter, Yahoo Mail, Facebook, Gmail and Chrome