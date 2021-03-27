It has a range of spying capabilities.

Android malware can be easily avoided by using the Official Google Store when downloading apps. However, this malicious program can still arise in an Android platform even if you only download apps from Play.

Recently, researchers found a new piece of Android malware. It’s sophisticated enough to locate sensitive information stored on your device. Once it found the details, the program sends them to the attacker’s servers.

Disguises as a System Update

Zimperium, a security firm, said that the new Android malware masks as a system update. Users are encouraged to download it from a third-party store.

The malware is a remote-access trojan. It receives and performs commands from a controlled server.

It’s a full-featured spying program that has a wide array of malicious functions.

Some of its capabilities would include sealing IM messages and instant messenger database, SMS messages, phone contacts, call logs, recording audio and phone calls, and many others.

Its presence is hidden from the device’s menu.

If the malware doesn’t acquire root, it can still gather message details from WhatsApp.

How? It tricks users to enable their Android device’s accessibility services. These services are built into the OS.

Accessibility services are useful for people with vision impairment to use the device easily. They are controls that can modify the display of the device or provide spoken feedback.

When these services are activated, the malware can collect the content on the WhatsApp content.

This Android malware can also steal files that have been stored in external storage. The app steals image thumbnails.

They are smaller than the original images. By stealing smaller than the original images, users won’t have a hint that their devices have been infected by the malware because it won’t reduce bandwidths consumption.

Once the device has Wi-Fi connectivity, the malicious app will send the stolen information to the attackers. But if the device is on a mobile connection, it can only send limited data.

Android Malware Lacks a Key Feature

Although this new Android malware is sophisticated, it still doesn’t have a key feature that infects devices without tricking users to make decisions that even experienced users know are not safe.

To infect the device, it needs a third-party source. Users must download it from the said source.

In that case, if you don’t want your Android device to get infected, you need to download the apps you want to use from Google Play Store.

It may be a problematic place to find apps. However, the Play Store is more trustworthy to get programs.

Google didn’t explain this malware. But it reiterated that the malicious app was never found in Play.

This month, Google Play Store removed a handful of Android apps filled with malware. These apps took advantage of the trend in designing malicious apps.

That is, to disguise them as innocent clones of popular apps so Google can’t detect them. Once they are in the users’ devices, they transform into crappy apps.

If you think that your device is infected, experts recommend factory-resetting it and reinstalling the apps that you need from scratch. But make sure to get them from Google Play Store.