Home स्मार्टफोन Android Phone Users, Beware of 'System Update' Malware That Can Steal Your...

Android Phone Users, Beware of ‘System Update’ Malware That Can Steal Your Photos and Messages


System update malware app (Image: Zimperium zLabs)

The security firm notes that upon installation (from a third party store), the malware communicates with the operator’s Firebase server – used to control the smartphone remotely. The collected data is then organised into several folders inside the spyware’s private storage.

Android-powered smartphones are reportedly facing threats from a new malware masquerading as a critical system update, researchers at mobile security firm Zimperium zLabs found. The new ‘advanced’ malware is capable of stealing personal data such as text messages, images, contacts and more. It is even capable of taking full control of the Android smartphone, the research firm notes. In a blog post, Zimperium explains that hackers can remotely execute commands (Remote Access Trojan) and perform a wide range of malicious actions once the bug takes control of the system. The bug comes bundled with an Android app called “System Update” that has to be installed outside of Google Play.

Speaking more over the development, Zimperium CEO Shridhar Mittal told TechCrunch that the malware was likely part of a targeted attack. “It is easily the most sophisticated we’ve seen. I think a lot of time and effort was spent on creating this app. We believe that there are other apps out there like this, and we are trying our very best to find them as soon as possible,” he added.

The security firm notes that upon installation (from a third party store), the malware communicates with the operator’s Firebase server – used to control the smartphone remotely. The collected data is then organised into several folders inside the spyware’s private storage. The “System Update” can even create a malicious notification that might appear to be a legitimate software update alert. “Apart from the various types of personal data stolen from the victim, the spyware wants more private data such as the victim’s bookmarks and search history from popular browsers like Google Chrome, Mozilla Firefox, and the Samsung Internet Browser,” the blog post highlights.

One of the easiest ways to avoid such malicious apps is not to download files outside Google Play Store. Mittal also confirmed to the publication that the malicious “System Update” app has never appeared on Google Play. On the other hand, Google is yet to address the issue publicly.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

SpaceX returns 4 astronauts to Earth in rare night splashdown

SpaceX returned four astronauts from the International Space Station on Sunday, making the first U.S. crew splashdown in darkness since the Apollo 8...

विदेश में फोन कॉल करने के लिए ऐसे करें अपने Airtel नंबर पर ISD एक्टिवेट

क्या आप अपने एयरटेल नम्बर पर ISD को एक्टिवेट करना चाहते हैं? आम भाषा में प्रचलित ISD को International Subscriber Dialling कहा...

New OnePlus Nord series likely to launch in India; Check price, features and more

Chinese smartphone maker OnePlus is cashing on the success of Nord series smartphones as it plans to launch Nord N100 and Nord N10...

Apple Music With Hi-Res May Be Launching Soon, And That’s Great News For AirPods Max Users

Spotify HiFi and Amazon Music HD are set to get some competition. It is expected that Apple will be adding the high-resolution audio...

Recent Comments