About the author
Bad news for Android users. Cybersecurity researchers have discovered new malware (called malware) that collects sensitive data on infected phones and then sends it to servers controlled by attackers.
Cybersecurity company Zimperium has come across the software. As it turns out, this is a malicious application disguised as a system update (“system update” – this is called). Under this interface is a so-called Trojan horse that allows remote access to our devices, and hackers can spy on us in various ways.
The list of capabilities of this tool is impressive, as it can, among other things: record audio and our conversations, take pictures, steal messages and SMS messages from messengers and contacts from writers, clipboard content, monitor our site and much more.
The new malware allows you full access to the affected smartphone, that is, the so-called root permissions (allows for almost unlimited in-depth modifications to be made to the phone).
Even if the attackers don’t get this access, they can track individual apps like WhatsApp. It is possible under the guise of requesting permission to use the so-called accessibility (these are additional options for people with disabilities).
Enabling these accessibility features may allow screen capture from WhatsApp.
Attackers can also intercept files stored on the SD card. When the victim is on the cellular network, only the thumbnails are uploaded, but when the victim switches to the Wi-Fi network, the malware sends the whole photos.
Even though the capabilities of System Update appear to be very great, it has limitations, however, the user should take responsibility for installing this program. Experienced users will have no problem with this – the malware is asking to install from an external store, not from the Google Play Store – and here the red light should be on.
Of course, the Google Store may contain malicious code apps as well, but it’s definitely a more reliable place than an external digital store.