Click to Skip Ad
Closing in...
  1. Best Memory Foam Mattress
    12:31 Deals

    When 75,000 Amazon shoppers rave about a $130 memory foam mattress, you need to check it o…

  2. Control Garage Door With iPhone
    08:10 Deals

    Unreal deal gets you Amazon’s hottest smart home gadget for $23 – plus a $40 c…

  3. Best Amazon Finds 2021
    08:49 Deals

    5 must-have Amazon devices you might’ve never even heard of

  4. Amazon Deals
    10:07 Deals

    Today’s best deals: Free $15 Amazon credit, unbelievable AirPods blowout, rare Nest…

  5. Apple Watch Series 6 Amazon
    14:59 Deals

    Apple Watch Series 6 is $100 off in this surprise Amazon sale

This new Android malware is so devious

March 29th, 2021 at 5:47 PM
Android malware

Security researchers have found a new example of Android malware that is almost as devious as it gets, in terms of the way that it tries to fool unsuspecting users.

Zimperium zLabs researchers found what they describe as a “sophisticated new malicious app” targeting Android users that disguises itself as a System Update, even though it’s not. Moreover, this application is able to completely take over a victim’s phone, including by stealing data, messages, and images. To the point that, once this app takes over a targeted phone, “hackers can record audio and phone calls, take photos, review browser history, access WhatsApp messages, and more,” according to a blog from the researchers that explains what they found.

Today's Top Deal Super-popular TP-Link Kasa mini Alexa smart plugs just hit a new all-time low price of $6 each! List Price:$26.99 Price:$23.99 You Save:$3.00 (11%) Buy Now Available from Amazon, BGR may receive a commission Available from Amazon BGR may receive a commission

“The mobile application poses a threat to Android devices by functioning as a Remote Access Trojan (RAT) that receives and executes commands to collect and exfiltrate a wide range of data and perform a wide range of malicious actions,” the researchers’ blog post continues. Those actions also include:

  • Stealing instant messenger messages and database files;
  • Inspecting the bookmark and search history from Google Chrome, Mozilla Firefox, and Samsung Internet Browser;
  • Searching for files with specific extensions (including .pdf, .doc, .docx, and .xls, .xlsx);
  • Inspecting the clipboard data and the content of notifications;
  • Recording audio and phone calls;
  • Periodically taking pictures (either through the front or back cameras);
  • Monitoring the GPS location;
  • And stealing SMS messages, phone contacts, and call logs.

As if all that wasn’t bad enough, this particular application is also able to conceal its presence from the victim by hiding the icon from the device’s menu or app drawer.

Zimperium CEO Shridhar Mittal told one news outlet that this malware seems like it was part of a targeted attack. “It’s easily the most sophisticated we’ve seen,” Mittal said. “I think a lot of time and effort was spent on creating this app. We believe that there are other apps out there like this, and we are trying our very best to find them as soon as possible.”

Zimperium says that this malware’s functionality and data exfiltration are triggered under conditions that include a new contact being added to the device, a new SMS text being received, or a new application installed “by making use of Android’s contentObserver and Broadcast receivers.”

Here’s the good news about this malware: It’s not coming from the official Google Play Store. Zimperium confirmed with Google that this app is not and has never been available on Google Play, which means users are unwittingly downloading this to their device when they visit unofficial third-party application stores — a huge mobile security no-no. So make sure you’re getting your apps from Google’s official store, and you should be safe.

Today's Top Deal Behold: Apple AirPods Pro just hit Amazon's lowest price of 2021! List Price:$249.00 Price:$189.99 You Save:$59.01 (24%) Buy Now Available from Amazon, BGR may receive a commission Available from Amazon BGR may receive a commission

Andy is a reporter in Memphis who also contributes to outlets like Fast Company and The Guardian. When he’s not writing about technology, he can be found hunched protectively over his burgeoning collection of vinyl, as well as nursing his Whovianism and bingeing on a variety of TV shows you probably don’t like.

Popular News