A new malware is infecting Android devices with a dynamic that easily tricks users. As if it were just another notification warning of an update, this malware pretends to be a system update.
As mentioned by security firm Zimperium, this malware does not raise users’ suspicion as it passes for a legitimate system update. Users see a notification with the typical message “System Update…” and it is just a matter of approving the supposed update to start the process of infiltrating our mobile device to spy on us.
And the user will not notice anything, since the icon is hidden from the application drawer and any section of the device. A detail mentioned in the research is that it does not arise from a Google Play app, so this dynamic starts from an application downloaded from other media.
What power does this spyware manage to have on the mobile? Take absolute control of the mobile, as mentioned in Zimperium’s research:
Among the actions it can perform on our mobile is to take pictures, record phone calls, view bookmarks and browser history, read typed passwords, check WhatsApp messages, clipboard, monitor location, steal phone contacts, among many others.
As it collects all this information, it uploads all the content to the service as an encrypted file. And once this operation is successfully completed, it deletes any trace of the generated file from the mobile. A dynamic that is repeated continuously without the user noticing any sign of irregularity in their Android mobile.