Dvmap — First Ever Android Rooting Malware with Code Injection Capabilities
Trojan Dvmap distributed through the Google Play Store, uses various exceptionally dangerous methods, including patching system libraries. It installs malicious modules with different functionality into the system.
Dvmap observed by security experts from Kaspersky Labs in April 2017. To bypass the Google Malware scanner they use to upload a clean Version of the app to store first at the end of March 2017.