Doctor Web researchers have discovered a Trojan app present in the Google Play store. The app disguises itself as the Google Play Store by using the same icon and then launching the Play Store after being clicked. When open, it connects to a Command and Control server, where upon it relays the number of device it is installed on.

The C&C server then relays commands via text message to the device. Android.DDoS.1.origin can launch DDoS attacks against targets or text spam people, such as those located in the contacts of the device. Doctor Web says the app can cause the phone to lag and increase the device owner's bill through texting premium numbers, a method hackers use to generate revenue from apps like these.