Zimperium’s core machine learning engine, z9, has a proven track record of detecting zero-day exploits.
So we decided to take a look into it, mostly because something about the shape of the email and the link was suspicious. The two files have the same size, but their hashes are different.
On a pool of approximately 1800 samples collected from the Play Store, Cogito detected two of them as malicious in a matter of seconds.
We recently announced an extension of the framework that detects previously unknown mobile malware.
This extension is known as “z9 for Mobile Malware”, and was officially announced in September 2017.
In fact, fullscreen Ads are displayed each time. One of the two applications also contained really suspicious code to auto-click Ads issued by Facebook.
The updated application information was the following (right before being removed by Google):
Application Name: Phone Cleaner Dev
Package Name: read.physical.trian
Play Store Link: (removed from Play) play.google.com/store/apps/details?