Detect Date 06/09/2017
Class Trojan
Platform AndroidOS

The Trojan runs in the background and has no user interface. It installs other applications from a certain site. Such applications are tracked in an internal database. New data is downloaded from a server in JSON format.
The Trojan has functionality for obtaining root access and showing advertising.

Geographical distribution of attacks by the Trojan.AndroidOS.Roversa family

Geographical distribution of attacks during the period from 09 June 2016 to 09 June 2017

Top 10 countries with most attacked users (% of total attacks)

Country % of users attacked worldwide*
1 Russian Federation 31.31
2 India 14.81
3 Algeria 4.31
4 Ukraine 3.88
5 Bangladesh 3.43
6 Indonesia 2.65
7 Philippines 2.45
8 Mexico 1.81
9 Iran 1.62
10 Nigeria 1.61

* Percentage among all unique Kaspersky users worldwide attacked by this malware

Find out the statistics of the threats spreading in your region