A security company known as Dr. Web has discovered a new dangerous Trojan which focused on attacking the Android devices particularly because it has the ability to buy and then install apps on the same device directly from the Google Play Store. Specifically, it is a Trojan called Android. Slicer which remains hidden in an application that promises to provide cleaning functions of our phone memory and control closing unused applications. The trojan Android.Slicer handles installation and removal of apps and not only that, the app also has the ability to turn on or off the WiFi and Bluetooth connections with quick commands shown on the main screen of the user, in the form of pop-up floating. Once it gets installed on our Android device it can easily collect all the information from the terminal itself, like the IMEI number, MAC address, manufacturer or operating system version and send it to the C & C server then the server C & C may order the Trojan Android. Slicer shows ads on the device, hence it opens a page in the browser or automatically starts downloading the applications from the Play Store. In addition, devices that have the Android version 4.3, for those devices this Trojan may able to be even more dangerous, since it is able to download a rootkit called Android.Rootkit.40, which gives the Android.Slicer root permissions on the device. With these powers, the Trojan Android.Slicer is easily able to buy and install applications from the Play Store without the user being aware of them. Although the Trojan has the ability to create icons on the Home screen with access to purchased and installed applications, which can cause the user to realize that something strange is going on. It means that the victim will get the pleasant surprise in the next bill of the mobile phone as the trojan Android.Slicer may have bought many applications without the user being aware of it.