Backdoor.AndroidOS.Ztorg obtains root privileges and connects to the attacker’s command-and-control server. The malware collects information on the infected device (passwords, browser history, etc.) and sends it to the attacker. When ordered by the server, Backdoor.AndroidOS.Ztorg can delete or download apps, including new versions of malware.
Geographical distribution of attacks by the Backdoor.AndroidOS.Ztorg family
Top 10 countries with most attacked users (% of total attacks)
* Percentage among all unique Kaspersky Lab users worldwide attacked by this malware