Security News > 2021 > March > New Android malware spies on you while posing as a System Update

New Android malware spies on you while posing as a System Update
2021-03-27 05:00

New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is ready for exfiltration.

Zimperium researchers who spotted it said that it's capable of "Stealing data, messages, images and taking control of Android phones."

Once installed on an Android device, the malware will send several pieces of info to its Firebase command-and-control server, including storage stats, the internet connection type, and the presence of various apps such as WhatsApp.

Unlike other malware designed to steal data, this one will get triggered using Android's contentObserver and Broadcast receivers only when some conditions are met, like the addition of a new contact, new text messages, or new apps being installed.

The malware will also display fake "Searching for update." system update notifications when it receives new commands from its masters to camouflage its malicious activity.

Unlike other malware that harvests data in bulk, this one will also make sure that it exfiltrates only the most recent data, collecting location data created and photos taken within the last few minutes.


News URL

https://www.bleepingcomputer.com/news/security/new-android-malware-spies-on-you-while-posing-as-a-system-update/

Related news