There’s a really nasty new cyber-bug attacking Android smartphones and it’s definitely not something anyone wants on their devices. The latest threat, which was discovered by the team at Zimperium zLabs, poses as a System Update that claims users need to install to keep their devices safe. However, the patch does quite the opposite. This download isn’t a System Update from Google at all – it’s actually a horrible piece of malware, known as a Remote Access Trojan (RAT), that sets about digging into your smartphone’s memory banks and then revealing a swathe of personal data.
Once installed, it allows hackers total control over the infected device with thieves able to record audio and phone calls, take photos, access WhatsApp messages, and even view full web browsing history.
To make things worse, once the data and files have been extracted from the device, the malware is programmed to immediately delete any traces that it’s been spying on you at all – making it incredibly hard to spot.
It’s scary stuff but before you start panicking about what personal data might now be in the hands of a total stranger it’s worth noting that this threat hasn’t been found on the Google Play Store with Zimperium zLabs saying, “Following an investigation, we discovered it to be a sophisticated spyware campaign with complex capabilities. We also confirmed with Google that the app was not and has never been on Google Play.”
So, as long as all of your downloads have come from Google’s official marketplace you should be safe. However, if you’ve ever strayed from Google and used a third-party app repository to download updates – either because the app you wanted wasn’t available in the Google Play Store, your Android handset doesn’t have access to the Play Store, or the third-party store tried to tempt you with free access to paid-for apps – then you might want to make sure your device hasn’t been infected by this RAT.
Speaking about this new attack, Ray Walsh, Digital Privacy Expert at ProPrivacy, said.”This sophisticated Remote Access Trojan is a reminder of why it is always so important for users to update their Android system via official means only. Anybody who uses third-party app repositories to download updates is at significant risk of running into these kinds of exploits.
“This type of Android spyware is extremely sophisticated because it allows the hacker to eavesdrop on the camera and microphone to spy on the user and record their phone calls. It also allows them to steal GPS location info, SMS messages, call logs, contact info, images and video files, browser history and bookmarks, personal information stored on the device including databases.
“This will ultimately give the hackers behind the Trojan access to information such as bank details and card numbers. Android users who download trojans of this kind are constantly at risk of their data being stolen, used for fraud, and sold on the dark web.”
If you think you’ve been hit with this malware attack – or any cyber threat – Express.co.uk has all the answers for what you need to do next.