New malware has begun to spread among smartphones running the Android operating system – the malware disguises itself as a system update and, in theory, allows attackers to take full control of the victim’s device.
A new dangerous malware acts like a system update for Android devices
Shridhar Mittal, the head of the security company Zimperium, told reporters about the new malware. An application called System Update is not installed from Google Play, but from third-party sources as part of a package of useful utilities. Shridhar has confirmed that this app has never appeared on Google Play. In doing so, the application is disguised using an alert similar to verified updates from Google.
After installation, the application hides and then secretly collects and sends data from the victim’s device to the attackers’ servers. Firebase servers are also used to remotely control the device.
They can transfer messages, contacts, device information, bookmarks and browsing history to the wrong hands, record calls and even ambient sounds from the built-in microphone, and take photos using smartphone cameras. In addition, the location of the device is tracked, documents are searched in memory, and information is copied when entered from the keyboard.
To reduce the risk of being caught, the malware reduces the amount of traffic consumed by uploading thumbnails rather than entire images to the attacker’s servers. The malware also collects the most recent data, including location and photos.
Google Play app update notifications are broken
When Google eliminated app update notifications from the Google Play Store; the decision turned out to be controversial and many users did not like it.
It even led to the development of a third-party solution before Google changed its mind and returned the feature as an optional setting, which is disabled by default. However, this feature has now stopped working on various Android smartphones.
The problem was addressed by the founder of AndroidPolice website. When you try to activate the feature in the settings on your Pixel smartphone, the switch just gets stuck.
AndroidPolice notes that the switch does not work at all on Pixel smartphones. If you look at the complete list of notification categories for the Google Play Store; it might seem like the switch has worked. However, it only seems that way, since the smartphone does not remember the user’s choice; and when returning to the Android settings or to the application’s own settings, the function is turned off again.
Google Play Store has an "Updates completed" notification setting, but enabling it is completely broken for me.
— Artem Russakovskii (@ArtemR) March 18, 2021