Android owners have become pretty used to the weekly warnings of malware-ridden apps and dangerous downloads. However, the latest alert to be discovered could be one of the most terrifying to date.
Found by the team at Kaspersky labs, the new threat could leave Android fans open to attack from an app which can infect then perform a huge array of unwanted activities without the owner ever knowing.
Called Trojan-Dropper.AndroidOS.Shopper.a., the malware has the ability to open the Play Store, install other dangerous apps and even leave glowing fake reviews all behind the phone owners back.
According to the Kaspersky security experts, to make the user not notice anything untoward, the installation window is concealed by the app’s “invisible” window.
As well as installing rogue applications, this cyber bug also has the ability to fill devices with annoying adware and can even begin displaying adverts when the phone is locked.
Even more terrifying is that it can somehow disable Google Play Protect – which means those who subscribe to this service aimed at blocking unofficial or dangerous apps can still be targeted.
JUST IN: Android is finally receiving a feature Google should have introduced years ago
One final nightmare for anyone who has been unlucky enough to install it is the fact it can also collects information about victim’s device (country, network type, vendor, smartphone model, email address, IMEI, IMSI), which is then forwarded to the cybercriminal’s server.
Here’s everything that this threat is capable of:
• Open links received from the remote server in an invisible window (whereby the malware verifies that the user is connected to a mobile network).
• After a certain number of screen unlocks, hide itself from the apps menu.
• Check the availability of AccessibilityService rights and, if not granted, periodically issue a phishing request to the user to provide them.
• Disable Google Play Protect.
• Create shortcuts to advertised sites in the apps menu.
• Download apps from the third-party “market” Apkpure[.]com and install them.
• Open advertised apps on Google Play and “click” to install them.
• Replace shortcuts to installed apps with shortcuts to advertised sites.
• Post fake reviews supposedly from the Google Play user.
• Show ads when the screen is unlocked.
Kaspersky advises users to be on the lookout for any apps that don’t appear official with the cyber security experts saying on their website: “The best option is not to install apps from dubious sources at all, including from ads, whatever they promise.
“Even if the only danger posed by such apps comes from automatically written reviews, there is no guarantee that its creators will not change the payload at some later date.
“In any event, it’s worth getting hold of a mobile security solution that can independently detect and block dangerous apps.”
Source: Read Full Article