New Android Malware Discovered

Mobile malware on smartphone
New malware puts Android devices at risk.

Researchers recently discovered a new Android malware that finds sensitive information on devices and sends it to hacker-controlled servers. 


The malware disguises itself as a system update users must download from a third-party store, according to researchers from Zimperium. The app is actually a remote-access trojan (RAT) that collects and conducts commands from the command-and-control server. The virus has a full range of capabilities, including stealing messages, inspecting internet bookmarks and search history, recording audio, and phone calls, taking pictures through the front and rear cameras, monitoring GPS location, and so much more. 


The list of messenger programs the app can steal from includes WhatsApp, which has over a billion users and promises greater security and encryption than other programs. One thing to note is that the malware only gets total control if it has root access to the device. 


If the app doesn’t get the root access it needs, it can still collect information, including conversation history. It does this by tricking victims into allowing Android accessibility services. These services are built into the OS and make it easier for those with disabilities such as color blindness to use their machine. It includes things such as modified displays and text-to-voice feedback. Accessibility services allow the app to scrape the WhatsApp screen and still collect some information. 


Another function of the app is stealing files from external storage devices. The app collects thumbnails to reduce bandwidth usage, which could tip off the victim that something is wrong. The malware sends the data to hackers when the device connects to Wi-Fi. It sends a reduced data package over mobile connections. 


While the app has every spying feature a malware program could want, there is one fatal flaw – it can’t infect devices without first tricking the user into making a decision. This decision is one that most experienced users won’t take. You have to download an app from a third-party site. While the Google Play Store isn’t perfect, it’s generally accepted it’s a relatively trustworthy place to download apps. 


Google declined to comment on the situation but did expressly state the app was never available on the official Play Store. 

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post
Silver iMac computer

Mac OS X Turns 20 Years Old

Next Post
Playstation 4 Games Crash Bandicoot and Dualshock 4

Activision Releases an Online-Only Game with No Online Content, and It’s Cracked In a Day 

Related Posts