Warning, a virus is pretending to be an Android update!

Hackers have created a fake Android update file. If installed, the hacker can take control of the phone, retrieve all files, and even trigger the camera and microphone.

To install or update an app on Android, two solutions. You can either connect to the Play Store, the official Google store; or you can manually install .APK. files without being a handyman or an expert, it’s pretty simple, and it usually allows you to take advantage of updates before they’re officially launched.

In fact, hackers had the idea of hiding a virus in a fake Android system update, and it was the Zimperium zLabs researchers who discovered it. This update file is available online and is listed under the names of “update” and “refreshAllData”. To trap even more the owner of a smartphone running Android, the application displays functions such as the presence of WhatsApp, the percentage of battery, storage statistics, the type of Internet connection… Once the user has chosen to “update” the existing information, the application infiltrates the relevant device.

The malware mimics almost perfectly the update message of Android. Impossible to see the trap

Stolen data is transferred to a server

And that’s where it gets very serious since this malware can steal messages posted on instant messaging systems, examine favorites and default browser searches, inspect favorites and search history from Google Chrome, Mozilla Firefox and Samsung internet browsers…

The hacker can also search for office files with specific extensions . doc, . docx, . pdf, . xls and . xlsx, review clipboard data and notification content, and even take pictures via front or rear cameras! In other words, this malware allows a hacker to take complete control of the smartphone. All while hiding its icon since initially, the user plans to install an update…

Via this log, we note that the hacker searches for all files of less than 30 MB present on the phone

Avoid installing . APK files

And if the user is connected to Wi-Fi, then all data is transferred to the hackers’ remote server. All this without us being able to realize it. Suffice it to say that the harm is done, and that it is irreversible. One tip: avoid installing . APK files, especially if they promise a system update. For this type of important update, trust only Google, and use the built-in utility with your smartphone. When a significant update is available, such as a security fix or new features, you will be notified.

If you installed this fake update, only one tip: save your data (sms, photos, videos) and then perform a complete smartphone reset. It’s the only way to make sure the malware is gone.

Add Comment