New Android malware variant GhostCtrl steals data, control devices functionalities and even hijack devices. Malware uses legitimate and popular apps like MMS, WhatsApp and Pokemon GO. Security researchers from Trend Micro observed all the DNS servers resolves to the same C&C Server IP address. The first version enables the framework to gain admin level privilege and has no other codes, the second version is like a mobile ransomware it locks device reset password and gain root access. The third version posses obfuscation techniques to hide its malicious routines.”]
Source: https://gbhackers.com/record-audio-and-video-silently-with-obfuscated-android-backdoor-ghostctrl/