One of the basic security tips when installing applications is to do it from official stores (such as Google Play or App Store). However, many of the older devices are not compatible with the latest applications, forcing users to trust older versions of pirated app stores.
Thus, a new malware (malicious software) for Android was detected in these weeks. It is intended to be a system update, but it is for the purpose of spying, stealing, and controlling the smartphone.
It is part of a malicious application, hosted in a store outside of Google Play (which has not yet been specified), and once the user installs it on their cell phone, it begins to communicate with the operator's server. According to researchers from the security firm Zimperium, who discovered the malware, it is spyware that allows the criminal to take control of the device.
So you can access messages, search history, and browser bookmarks, but also device and contact information. You can also activate the microphone to record calls and ambient sound, and the camera to take photos. Likewise, you can monitor the location, and even access the data that the user has copied to the clipboard.
Researchers have called it the "most sophisticated malware" they have seen to date. It hides from the user by posing as critical system update notices and reducing data network consumption by sending stolen information to the server.
According to information published by the Techcrunch site, a Google spokesperson declined to discuss the steps the company was taking to prevent malware from entering the Android app store. Researchers do not know who created the malicious software or who it is targeting.
“We are starting to see an increase in RATs (remote access trojans) on mobile devices. The level of sophistication seems to be increasing and bad actors seem to have realized that mobile devices contain more information and are much less secure than traditional access points, ”said one of the researchers.
In October of last year, Google updated the rules of its application platform Google Play Store to prohibit applications known as a stalker, which allow obtaining data from users' devices without prior notice or consent and do not show any type of notification in this regard.
Stalkerware (also known by the term creepware that refers to mobile applications that do not have all the functions of a product, designed to spy or harass) and other tracking software can pose a risk in many other ways, especially for those who use it to harass their partners or harass minors, for example.
This rule in the Play Store went into effect on October 1, 2020, and eliminated the possibility for stalkerware apps to install and run undetected when installed on victims' devices.
The company highlighted in the update of its developer program policy that "only applications that comply with policies designed and marketed exclusively for parental supervision or business management can be distributed on the Play Store."
0 Comments