A new Android spyware has been discovered with the ability to disguise as a system update. Researchers at mobile security firm Zimperium discovered this new malware bundled in an app that had to be installed outside of the Google Play Store.
According to a report from TechCrunch, the spyware sends data from the user’s device to the operator’s Firebase server. This is then used to gain remote access to the device by the attacker in charge.
The malware can be used to syphon off messaged, device details, browsing details as well as contacts. The attacker can even use it to capture sound via the device’s microphone. As if this couldn’t get worse, the spyware can apparently take photos using the infected device’s camera.
“It’s easily the most sophisticated we’ve seen, I think a lot of time and effort was spent on creating this app. We believe that there are other apps out there like this, and we are trying our very best to find them as soon as possible,” said Shridhar Mittal, CEO of Zimperium.
According to researchers, catching the spyware proved to be really difficult as it hides so well. The designers of this particular software seemed to be a step ahead since the Android malware reduces the amount of data it consumes. This is by uploading thumbnails to its server rather than the full image.
As noted before, the app that hosts this malware is not part of the Google Play Store’s catalogue. So, it is highly advised that you don’t install APK files from unknown sources.