News

Android malware caught hiding as a System Update to spy on users

A new, “sophisticated” Android spyware app disguising itself as a software update has been discovered by researchers. According to Zimperium zLabs, the malware masquerades as a System Update application while quietly exfiltrating user and handset data, reports ZDNet.

Once installed, the victim’s device is registered with a Firebase command-and-control (C2) server used to issue commands, while a separate, dedicated C2 is used to manage data theft.

The team says that data exfiltration is triggered once a condition has been met, including the addition of a new mobile contact, a new app is installed, or on receipt of an SMS message.

The malware is a Remote Access Trojan (RAT) and able to steal GPS data and SMS messages, contact lists, call logs, harvest images, and video files, covertly record microphone-based audio, hijack a mobile device’s camera to take photos, review browser bookmarks and histories, eavesdrop on phone calls, and steal operational information on a handset including storage statistics and lists of installed applications.

Instant messenger content is also at risk as the RAT abuses Accessibility Services to access these apps, including WhatsApp.

The RAT will also attempt to steal files from external storage. However, considering some content — such as videos — can be too large to steal without impacting connectivity, thumbnails alone are exfiltrated.

“When the victim is using Wi-Fi, all the stolen data from all the folders are sent to the C2, whereas when the victim is using a mobile data connection, only a specific set of data is sent to C2,” the researchers note.

This month, Google pulled several Android apps from the Play Store that contained a dropper for banking Trojans. The utility applications, including a virtual private network (VPN) service, recorder, and barcode scanner, were used to install mRAT and AlienBot.

Source: ZDNet

Read More: Sleeper malware found in nearly 30,000+ Macs.

Sponsored
Ahsan Zafeer

A digital marketing professional specializing in content-based functional areas - Ahsan Zafeer is driven by a never-ending passion for developing, nurturing, and strategizing key content aspects. He writes extensively on tech, digital marketing, SEO, cybersecurity, and emerging technologies. He also serves as a digital marketing strategist and freelance consultant for globally oriented organizations. He tweets @AhsanZafeer

Share
Published by
Ahsan Zafeer

Recent Posts

Garena Free Fire India Launch Rumors: What Fans Need to Know

Reports suggest that Garena Free Fire is set to make a much-anticipated return to India.…

12 hours ago

Albania Bans TikTok for One Year: Here’s the Reason!

The Albanian government has announced a ban on the social media platform TikTok for a…

16 hours ago

Google Pixel 9 Pro vs. 8 Pro: Biggest Upgrades Compared

The launch of Google’s latest Pixel lineup brings an exciting chance to compare the new…

18 hours ago

Azad Kashmir to Host Pakistan’s First Women-Centric Software Technology Park

ISLAMABAD: In February next year, Pakistan is set to launch its first women-focused software technology…

19 hours ago

HEC Reveals Law Admission Test Date for LLB Students

The Law Admission Test (LAT) has been announced by the Higher Education Commission (HEC) of…

19 hours ago

Meta’s WhatsApp to Release New Playback Speed Feature for Videos

Meta's WhatsApp is rolling out a new playback speed feature, allowing users to adjust video…

1 day ago