Security News > 2021 > March > New Android malware spies on you while posing as a System Update
New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is ready for exfiltration.
Zimperium researchers who spotted it said that it's capable of "Stealing data, messages, images and taking control of Android phones."
Once installed on an Android device, the malware will send several pieces of info to its Firebase command-and-control server, including storage stats, the internet connection type, and the presence of various apps such as WhatsApp.
Unlike other malware designed to steal data, this one will get triggered using Android's contentObserver and Broadcast receivers only when some conditions are met, like the addition of a new contact, new text messages, or new apps being installed.
The malware will also display fake "Searching for update." system update notifications when it receives new commands from its masters to camouflage its malicious activity.
Unlike other malware that harvests data in bulk, this one will also make sure that it exfiltrates only the most recent data, collecting location data created and photos taken within the last few minutes.
News URL
Related news
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)
- BadBox malware disrupted on 500K infected Android devices (source)
- North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- New Crocodilus malware steals Android users’ crypto wallet keys (source)
- Counterfeit Android devices found preloaded With Triada malware (source)
- Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices (source)