Beware of a newly discovered malicious app that pretends to update your phone, but in reality is just a giant spyware program that can steal pretty much all of your data, while monitoring your movements and online search history.
Just called System Update, Android app got discovered by researchers with the mobile security company Zimperium, which has classified it as a Remote Access Trojan (RAT) —a broad category of malware that usually allows a hacker to access and manipulate the device from afar.
This special RAT is downloaded with the promise to help you keep your device up to date, but instead sexits all your information back to a Command & Control server. Shridhar Mittal, CEO of Zimperium, recently told TechCrunch that he believes the app is part of a “targeted attack.”
“It is easily the most sophisticated [RAT] we have seen, “Mittal said at the end. “I think it took a lot of time and effort to create this app. We believe that there are other apps like this, and we try our very best to find them as soon as possible. “
The wide range of data that this sneaky bastard is capable of stealing is pretty awful. It includes: instant messaging and database files; call logs and telephone contacts; Whatsapp messages and databases; photos and videos; all your text messages; and information about pretty much everything else that is on your phone (it will, for example, store the rest of the apps on your phone).
The app can also monitor your GPS position (so it knows exactly where you are), hijack your phone’s camera to take pictures, browse your browser’s search history and bookmarks, and turn on your phone’s microphone to record audio.
The app’s spying functions are triggered when the device receives new information. Researchers write that RAT is constantly looking for “any activity of interest, such as a phone call, to immediately record the call, collect the updated call log, and then upload the contents to the C&C server as an encrypted ZIP file. . “After stealing your data, the app will then delete evidence of its own activity and hide what it has done.
Fortunately, this hell of a booby trap has never been offered in the Google Play Store, even though it is available through a third-party store, researchers write. Rogue apps like this are becoming a bigger and bigger problem for consumers, so it’s a good idea to limit the number of apps you have on the phone and to do your homework before downloading – so that your data does not fall into the hands of a dark webcetin.