Zimperium computer security researchers have discovered particularly dangerous new malware. The malware in question is hidden in an app called “System Update”. Once installed on a smartphone, malware is able to take control to steal as much data as possible.

malware android system update - This fake Android update hides dangerous malware, don't install it!
Credits: Pixabay

Decidedly, a cyberthreat comes to chase another. After the 204 “fleecewares” applications spotted on the Play Store and the App Store, or even this ultra dangerous malware detected on WhatsApp, a new danger looms over Android users. In fact, computer security researchers at Zimperium have discovered the existence of malware in an application called “System Update”, or “System update” in French.

This app, not found on the Play Store, can be installed via an APK file. Once installed on the victim’s smartphone, malware is able to take control, the objective being to steal a maximum of data recorded on the device. To do this, the malware communicates with the Firebase server (Google’s mobile platform) of the operators.

Also read: Android – Google fixes 38 security flaws in March 2021

malware system update - This fake Android update hides dangerous malware, don't install it!
Credits: Screenshot of the malware / Zimperium

Ultra sophisticated malware

This spyware can then steal messages, contact list, device details, or even browsing history. The malware can even record calls and pick up sounds by activating the smartphone’s microphone. Best of all, this malware can also trigger the photo app remotely and take snapshots without the user’s knowledge. Even more dangerous, malware can recover the data copied and pasted in the clipboard of your smartphone (which can potentially contain passwords for example).

It is one of the most sophisticated malware we have seen. I think a lot of time and effort has gone into creating this app. We believe that there are other such applications, and we are doing our best to find them as soon as possible ”, says Shridar Mittal, CEO of Zimperium.

This malware is part of the RAT family, for Remote Administration Tool. This malware allows hackers to take control of a smartphone from a distance. RAT malware was also offered for sale on the dark web in early January 2021. “We are starting to see an increasing number of RATs on mobile devices. And the level of sophistication seems to be increasing… ”, Shirdar Mittal worries. To avoid this kind of mishap, you should avoid downloading applications that do not come directly from the Play Store.

Source: TechCrunch