This is a cause for concern for users, as any unwitting victim of this malware, which steals personal and banking information, could become a victim of financial or banking fraud or even identity theft. While further investigations are ongoing, the researchers warned that an immense number of URLs are actively distributing the malware in the wild.

The post adds, “Once installed, this infostealer cannot be removed from the phone as the malware does not allow the user to deactivate its administrative access.” Once the mobile device is compromised, the only antidote to the infection would be to reset the device to its factory settings, which could lead to loss of the data saved on the user’s device.

Credit card information keyed in by the user could then be considered stolen, as the malware takes a screenshot and sends it to a Russian phone number. Also, it is capable of terminating incoming calls from unknown callers. Apart from this, the malware creates a malicious page that resembles a legitimate payment page in the Google Play Store. Once the malware penetrates the system, it is capable of snooping on outgoing, incoming, and even missed communications from calls and text messages before sending them to its command-and-control server.

In a statement, the researchers also note, “As part of the installation, the malware will ask for administrator privileges that allow it to terminate antivirus applications running in the background.” It threatens the user that his/her device is compromised by a virus and that it can only be freed from infection by updating the system. When a user visits an infected website, an alert pops up and warns the user to install an update, a common scare tactic used to elicit a sense of urgency.

It is not a new scam, but we have recently. Such domains are short-lived, and are regularly updated and replaced by new ones to avoid any form of URL-based filtering.
The fake Chrome update doesn't seem to be in the mainstream news, but it is one you should keep an eye out for. The malware squats on different URLs that resemble actual, existing Google updates. The malware in question is capable of mining user data from call logs, SMS exchanges, browser history, and even banking and credit card credentials before sending them to a remote server. Researchers at Zscaler reportedly spotted an Android infostealer that spreads by hiding under the guise of a Google Chrome update.