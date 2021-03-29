A new malware for Android it has recently been discovered. This type of software generally seeks to trick the user into accessing the system and from there take advantage of it. In this case, the cheating method is the most curious, a system update. But even worse is what it does afterwards: from accessing contacts to spying on all the user’s browsing history and data.

The malware obviously calls itself System update. This is an application that was discovered by security researchers at Zimperium. The app falls into the category of remote access Trojans, which refers to malware that allows remote control of the device without being physically present.

The promise of updating the mobile

System Update appears as an app that promises to help keep your device up to date. In reality what it does is monitor all the movements of the user on the phone and report all this by sending the data to a third party. From Zimperium they assure that it is “easily the most sophisticated remote access Trojan” they have seen to date. Of course, perhaps not as sophisticated as the malware that is only reinstalled even when the mobile is factory restored.

Since it has full access to the device it infects, the data it steals is vast and varied. It can, for example, read messages from instant messaging apps, collect the user’s call or contact history, photos and videos stored on the mobile, browser browsing history, location data … And practically data from any app installed on the mobile phone.

In addition to collecting information, the Trojan is also capable of taking, for example, photographs or turning on the microphone of the phone to record audios for example. These actions are usually carried out when he receives some type of information or event that arouses his interest, for example when receiving a phone call he is able to automatically activate the microphone to record the audio.

The app, luckily, has not been available on Google Play. Instead, its APG has been distributed over the web or offered in third-party stores with the promise of improving the phone by updating the system. Researchers believe that there are more apps like that and doing the same as System Update, hence they want to keep looking to investigate the matter.

The best the user can do is, as always, be cautious. Install applications and download files from trusted sources, as well as be suspicious of anything that offers great access or control of the device.

Via | Blog Zimperium