Following the discovery of the Clast82 malware in some Google Play Store applications, Zimperium researchers have identified another malicious application for Android smartphones, this time distributed outside the Big G store, which poses as a system update in order to sneak onto devices, hide and steal confidential user data.
The report came through TechCrunch, which contacted the mobile cybersecurity company directly to get all the details on “Upgrade system”. The malware is currently known by this name precisely because that is the name under which it is available outside the Google Play Store, as you can also see in the image attached at the end of the article. Zimperium CEO Shridhar Mittal himself said: “It is without a doubt the most sophisticated we have seen. I think a lot of time and effort went into creating this app. We believe there are other apps like this and we are doing our best to find them ASAP.”
But how does it work? Once downloaded and installed, the application hides itself on the device and begins communicating with the attackers' Firebase server, which lets them carry on their operations remotely. Possible operations include the theft of messages, contacts, browser search history and call logs, as well as access to the microphone, camera, geolocation and data copied to the clipboard. In short, the attackers can potentially do whatever they want.
To make matters worse, removing it once installed is practically impossible, because it uses very little data when connecting to the network: it uploads only thumbnail previews of images and the essential data the attacker wants. It also hides among the installed apps, showing only a fake notification like the one in the picture.
The only way to avoid all these problems is to pay close attention to the applications you download from the Internet rather than from the Google Play Store, or to avoid doing so altogether: third-party sources are not always reliable and hide many traps. Our advice, and that of the experts, remains to install apps and games only from the official Big G store or, if you are particularly interested in receiving preview system updates, to obtain firmware updates only after verifying the authenticity of the site you get them from.
Staying on the topic of malware, a virus called CopperStealer was recently discovered that steals passwords and cookies from Amazon, Google, Facebook and other platforms.