This Android app disguises itself as a system update to steal your data

Be careful, because a newly discovered malicious application pretends to update your phone, but is actually a particularly dangerous spyware application created with the aim of stealing the whole thing. data set, and track every step and search history on the infected device online.

Simply called System Update, this Android app was discovered by researchers at mobile security firm Zimperium, and classified as a remote access Trojan (RAT) – a group of malware for allow hackers to access and control the victim’s device remotely.

The Malware RAT that we are talking about here convinces users to download with promises to keep the device up to date to the latest version, but instead sends all the information it gathers about. a Control & Control server. Shridhar Mittal, CEO of Zimperium, said he thinks the app is part of a ” clear targeted attack “.

” It is the most sophisticated SV we have ever seen, ” said Mittal. ” I think someone has spent a lot of time and effort creating this app. We believe there are other apps out there like this, and are looking for ways to spot them as soon as possible. “

The amount of data this “sneaky scoundrel” has the potential to steal really frightens anyone, including: messages and database files from instant messaging apps; call log and phone book; Whatsapp messages and databases; photos and videos; Your entire SMS; and information about almost everything else in your phone (for example, it inventory all the apps on the phone).

It can also track your GPS location (so it knows exactly where you are), take control of your phone’s camera to take pictures, review search history and bookmarks in the browser. , and activate the phone’s microphone for recording.

Application spy features are launched whenever new information is received by the device. Researchers say that the RAT constantly searches for ” any activity it is interested in, like a phone call, to instantly record the conversation, collect the newly updated call history, and then upload the content to the Control & Control server as an ” encrypted ZIP file “. After stealing your data, the application will erase all traces of its activity, concealing what it is doing.

Fortunately, this “nightmare” has never set foot on the Google Play Store, even though it is present on a third-party app store – according to the researchers. Malicious apps like these are an ever-growing problem for consumers, so it’s best to limit the installation of too many apps on your phone, and remember to follow the rules. security switch before downloading anything to prevent data from falling into the hands of malicious scammers.

Reference: Gizmodo