Weeks after the famous Flubot virus, a new malware lurks in the Android operating system. In this case, it is a malware that masquerades as a system update, as the security company Zimperium has discovered.
According to the experts who discovered the malware, it is a very sophisticated threat, a Trojan that is accessed remotely and that allows complete control of the device.
A fake update capable of controlling your mobile
System Update is an application that is being distributed in third-party stores. The app promises improvements in our phones, but what it really does is ask for permissions and get full access to the phone, as already achieved by the SMS scam malware.
With full accessibility permission, any app can fully control our Android device
By giving full checks, this malware will have access to all our contacts, call history, audio recordings, camera, location and more. In short, complete controls to control our Android device at will.
The good news is that this app is not in the Google app store, it needs to be installed from an external repository. In the same way, Google Play Protect will notify us if we try to install it. From here we recommend that you never install (unless necessary and we know the origin of the APK) applications that do not come from the official Google application store.
Similarly, system updates always arrive through the settings of your mobile, so you don’t need to install anything from the outside. In the event that you want to download an update file, it must always come from the manufacturer.
More information | Zimperium