Warning – New Android Malware with Spying Capabilities

Share post:

Researchers have discovered a very advanced piece of Android malware that finds sensitive information on infected devices and sends it to servers controlled by attackers.

The app disguises itself as a system update that must be downloaded from a third-party store. This malware features a fully featured spying platform that carries out a wide range of suspicious and malicious activities. Security firm Zimperium reported that these include:

    <li>Theft of instant messenger messages and database files, especially WhatsApp</li><li>Inspection of bookmarks and searches in the default Google Chrome, Mozilla Firefox and Samsung Internet browsers</li><li>Look for files with specific extensions such as. pdf,. doc,. docx, and. xls,. xlsx</li><li>Checking the data in the clipboard and the content of the notifications</li><li>Recording of audio and telephone calls</li><li>Regular shots through the front or rear cameras</li><li>List of installed applications</li><li>Theft of pictures and videos</li><li>Monitoring of the GPS position</li><li>Theft of SMS messages, telephone contacts and call logs</li><li>Exfiltration of device information such as installed applications, device name, memory statistics</li><li>Hide its presence by hiding the icon in the drawer/menu of the device</li>

Most experienced people will not fall victim to this malware, as it is only installed when you make obviously risky decisions, such as downloading third-party software and activating access services.

For more information, you can see the original article in Ars Technica.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, Week in Review for Friday, December 1, 2023

This episode features a discussion on ransomware, the latest explanation from Okta of a support hack and a survey of infosec pros whose firms w

Cyber Security Today, Dec. 1, 2023 podcast – More on Booking.com compromises

This episode reports on the sanctioning of the Sinbad crypto mixe

All Okta customer support users had their email addresses copied

Identity and access provider Okta now says the threat actor who accessed its customer help desk system last month got the names and email addresses of all contacts of organizations that use its support system. Originally, the company said that, after an investigation, it determined only one per cent of the contacts from its 18,000

Failure of technology to detect attacks is a prime cause of breaches: Survey

Despite the money being poured into cybersecurity by IT departments, the leading cause of breaches of security controls was the failure of technology to detect an attack, a new survey from Trellix suggests. Forty-two per cent of respondents to the international survey of infosec leaders whose organization had suffered a recent cyber attack said their

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways