Victims don't need shoes or a shirt to get served by the DressCode malware which has already been spotted in 3,000 Android applications, 400 of which are available in the Google Play Store.
Trend Micro researchers said the malicious code only makes up a small portion of the code in the “trojanized" apps making it difficult to detect since the malicious apps are disguised as anything from games, skins and themes to phone optimization boosters, according to a Sept. 29 blog post.
Once installed. the malware connects to its command and control server and allows threat actors to infiltrate a victim's network where it can scan for other unprotected devices for an attacker to seize control over. The malware poses a significant threat to enterprise networks with BYOD programs as it could allow and attacker to bypass the NAT device to attack an internal server or to access sensitive data.