Security News > 2022 > September > Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws

Data-stealing spyware disguised as a banking rewards app is targeting Android users, Microsoft's security team has warned.

The Microsoft threat hunters' investigation began after receiving a text message claiming to be from India's ICICI bank's rewards program.

Using open-source intelligence, the security researchers determined that the phony app's command and control server is used by or linked to 75 other malicious Android applications, distributed as APK files.

In addition to pointing out malware in Android - an OS made by arch-rival Google - Microsoft also this week issued an out-of-band security update for a spoofing vulnerability in Microsoft Endpoint Configuration Manager.

Upon further analysis, Microsoft discovered the Android malware uses MainActivity, AutoStartService, and RestartBroadCastReceiverAndroid functions to conduct a raft of nefarious activities including intercepting calls, accessing and uploading call logs, messages, contacts, and network information, and modifying the Android device's settings.

As we've said before, it's nice that Microsoft is pointing out cybersecurity issues in other people's code - raising awareness is good for users - but it's strange to see Redmond making a song and dance about this sort of thing when it routinely downplays the scores of vulnerabilities it fixes in its own products every month.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/09/22/microsoft_android_spyware_endpoint/