Beware! App posing as ‘System Update’ can steal your data, delete it now

This may be one of the most sophisticated Android malware so far.

Highlights
  • Security researchers have found a new Android malware that disguises itself as a system update. 
  • Once activated, the malware has complete access to your device, including your location, photos, texts, and more. 
  • The best way to avoid getting infected is to refrain from interacting with the fake ‘System Update’ notification. 

A new type of malware on Android tricks users into downloading it by masquerading as a system update. It was discovered by security research firm Zimperium, who also discovered its existence some time ago. Once installed, the malware has access to a wealth of your private information, such as the contents of your WhatsApp/SMS/Telegram inboxes, bookmarks from your browser, images from your gallery, and more. It can be particularly tricky to tell the malware notification apart from a real one, considering that it looks nearly identical to the one displayed on some Android devices.

Also read: Beware! This Android malware can infect your WhatsApp contact list

To make matters worse, the malware operates in real-time and sends information back to the mothership every time new information is generated. It is stored on-device and transmitted to the command centre at regular intervals. This ensures that the hackers always have access to an up-to-date version of your phone’s data. There is no word as to just how many devices have been affected by the said malware just yet.

The System Update app is not on Google Play Store

As is the case with most malicious software, users need to click on it manually for the infection to begin. An eagle-eyed user might be able to spot the fake right away, but that might not necessarily hold true for the less tech-savvy kind. However, there is some respite for users, as the app that carries the malware is not hosted on the Google Play Store. The ability to install apps from third-party repositories is disabled by default, so the operating system will not let you install the malware if you have the option disabled.