Modern technology has brought the world to our palm. All our private information such as messages and conversation, personal details, videos, and photos, etc. The android spyware is targeting exactly this information, trying to extract them and use them for their benefit.
Zimperium zLabs has detected a sophisticated Android malware that poses as a system update and extracts data of the user’s data which include text, images, location data, etc. In addition to this, all stolen folders are sent to the C2. On the other hand, if the victim is on a mobile connection, only the selected data is sent to the C2 to avoid detection by the users.
What is its significance?
This RAT uses Accessibility services to gain access to the messenger application. Also, if the device of the victim is rooted, the spyware will have the access to collect database records too. This also has advanced capabilities which include time control so that the most recent and the most relevant files are extracted.
Bottom Line-
Cyber-attacks have become very common and it is of huge importance that we update our cybersecurity resources when time is available since prevention is always better than cure.
Link: https://cyware.com/news/new-android-malware-spotted-posing-as-system-update-e4a545c4