Security researchers found an Android spyware disguised as a system update

Security researchers said that a powerful new type of Android malware disguised as a critical system update can take complete control of the victim’s device and steal their data. The malware was found to be bundled in an application called “System Update” and must be installed outside of Google Play, the Android device’s application store.

Once installed by the user, the app will hide and secretly send the data in the victim’s device to a server under its control. Researchers from Zimperium, a mobile security company that discovered the malicious application, said that once the victim installs the malicious application, the malicious software will communicate with the operator’s Firebase server for remote control of the device.

The spyware can steal information, contacts, device details, browser bookmarks and search history, record calls and environmental sounds from the microphone, and use the phone camera to take pictures. The malware can also track the location of the victim, search for document files, and grab copied data from the device’s clipboard.

Join Our RealMi Central Channel On Telegram

The malware hides from the victim and tries to reduce network data consumption by uploading thumbnails instead of complete images to the attacker’s server, thereby evading capture. The malware can also capture the latest data, including location and photos.

Zimperium CEO Shridhar Mittal said that the malware is likely to be part of a targeted attack. Inducing others to install malicious applications is a simple but effective method that can compromise the victim’s device. This is why Android devices warn users not to install apps outside of the app store. But many old devices cannot run the latest apps, forcing users to rely on old apps from pirated app stores.

If you like our news and you want to see such news even further, then follow RealMi Central on Telegram, Twitter, Facebook (Page) (Group) & Instagram.

Leave a Comment