lswcap
It is said that a malicious code pretending to be an Android System Update was discovered while malicious code was in the rage.
According to Zimperium reports, the malware is hidden in an application called System Update distributed outside the Google Play Store. At first glance, if an alert user installs and runs this app without knowing anything, it seems to be performing a Google official system update, but it acts as a malicious action that sends user information to the outside from behind. Also, the update notification uses the Google icon to trick the user.
Transmitted data includes instant messenger messages and database files, browser bookmarks and search history, contacts, call logs, device information, files with specific extensions, clipboard data, audio and phone recordings, regular photo shoots, GPU location information, etc. Covers.
In addition, to prevent malicious code from being noticed by users due to an increase in communication fees, the image transmission is reduced to the size of thumbnails rather than the full size, and is also being devised in detail. Google did not provide details about the malware, but in response to the inquiry, it emphasized that the malware is not in the Google Play Store. It is not a genuine app because it is not in a genuine store. However, in Android, users often install apps outside of the storage, so it seems that caution is needed when installing apps outside the Play Store. Related information can be found here.
Add comment