A new malware is being released for Android devices that while posing as information συστήματος, έχει εκτεταμένες δυνατότητες spyware, κλέβει δεδομένα από τις μολυσμένες συσκευές και έχει σχεδιαστεί για automatic activating it whenever there is new information to export.
The new spyware can only be installed as application "System Update" via third-party Android app stores, as it was never available on Google's Play Store.
This drastically limits the number of devices it can infect, as more experienced users are more likely to avoid installing programs from stores outside of Google. Malware also does not have a method of infecting other Android devices by restricting itself to one device.
However, if it manages to install it, it can collect and execute an extensive range of information on the command and control server. Zimperium researchers who located it, observed that "it stole data, messages, images and in the end took control of the Android phone".
"Once in control, hackers can record sounds and phone calls, take photos, check browser history, access WhatsApp messages and more."
Unlike other malware designed to steal massive data, new malware will only be activated when certain conditions are met, such as adding a new contact, new text messages, or new applications being installed. Athis means it will only penetrate the most recently δεδομένα, συλλέγοντας δεδομένα locations created and photos taken in the last few minutes.
The malware will also display fake "Search for Update .." system update notifications when it receives new commands from its owners to cover its malicious activity.
