Beware Android Users Of Fake ‘System Update’ App That Steals Data

Android Users should beware of a new malware strain that is infecting Android-based smartphones.

Researchers at Zimperium zLabs, mobile security firm found malware that masquerades as a critical system update.

The new malware is flagged as “advanced” threat. As it uses sophisticated spyware campaign with some complex capabilities.

As such, it is capable of stealing various personal data stored on the target Smartphone. Including text messages, photos, contacts and more. Additionally, the malware may also take over the Android device, as per the researchers claim. After which, it can record audio and phone calls, take photos, access WhatsApp chats and as well as track browsing history.

It goes without saying that Android smartphones are a soft target for hacker and spyware. As recently, hackers abused clubhouse app to deliver a malware within its fake version of Android. As, there is still few month for the Android version of clubhouse app to arrive.

Fake Android “System Update” App

Zimperium explains in a blog post, that hackers behind the malware are able execute various commands remotely like Remote Access Trojan. Not only that, the threat can even perform a variety of malicious actions after taking control of the phone.

Fake Android 'System Update' App That Steals Data
Fake Android ‘System Update’ App That Steals Data

The detected bug has come bundled with an Android app named as “System Update”, that needs to be installed out of Google Play.

Shridhar Mittal, CEO of Zimperium, spoke to TechCrunch, that the malware is likely to be a part of any targeted attack.

“It is easily the most sophisticated we’ve seen. I think a lot of time and effort was spent on creating this app. We believe that there are other apps out there like this, and we are trying our very best to find them as soon as possible,” he said.

According to the security firm, the malware posing as “System Update” communicates with the attacker’s Firebase server. This is how the malware take control of the smartphone remotely.

After which, the malware executes various commands to steal the data and organize them within its private folders.

“Apart from the various types of personal data stolen from the victim, the spyware wants more private data such as the victim’s bookmarks and search history from popular browsers like Google Chrome, Mozilla Firefox, and the Samsung Internet Browser,” blogpost notes.

To trick users: The fake “System Update” app shows a dubious notification that posing as important system update. 

The CEO also said that the malicious “System Update” app has never shown on Google Play Store. So, users need to be careful of fake “System Update” notification. If they takes them outside the play store.

However, Google has not addressed the issue in the public.

Leave a Reply

Your email address will not be published. Required fields are marked *