There is a new spyware that threatens Android users. According to researchers at Trend Micro, malicious software capable of spying on all your messages, on Facebook, Gmail or even on Outlook, lurks on the Google Play Store. The virus has already been spotted in the code of three applications available in the store. To collect the personal data of its victims, the malware exploits several security vulnerabilities.
“We found three malicious applications on the Google Play Store” announces Trend Micro in a blog post on January 6, 2020. After investigation, the researchers detected the presence of spyware whose sole purpose is to “collect user information”. It would probably be the work of SideWinder, a group of dangerous pirates active since 2012. In recent years, they have mainly distinguished themselves in the hacking of military organizations.
This malware collects all the data from your Android smartphone without your knowledge
To enter the victims’ smartphones, the malware masquerades as a harmless Android application. So far, three apps from the Play Store have contained spyware. According to the survey, they were in activity since March 2019. Here is the name of the three apps in question:
Alerted by experts, Google quickly deleted the apps from its Play Store. Once infiltrated into your phone, the malware exploits old Android system security vulnerabilities. Under these conditions, the oldest smartphones, which have not obtained patches for a long time, are the most vulnerable. The malware will even root the Android smartphone to install several APK files remotely. In some cases, the virus also relies on a breach of Mediatek’s SoCs.
Once it is done, the malware will collect all the data present on your device, including your messages on WeChat, Outlook, Twitter, Yahoo Mail, Facebook, Gmail, or even via Google Chrome. In the process, it also takes over your geolocation, stored documents (photos, videos, etc.), the list of installed applications, the IDs of your accounts and data concerning your network or your device. All of this information has significant market value on the dark web.
To avoid falling into the trap set by hackers, you are advised not to install applications from unknown developers, even on the Play Store. Similarly, you should take a look at the reviews and comments before downloading any application. Finally, we encourage you to install a good antivirus on your Android smartphone.