Malware is pretty easy to develop for experienced hackers. Moreover, targeting the biggest ecosystem, Android, without users even noticing the same is pretty amazing. Simply saying, Android again gets its fair share of spyware, which this time acts as a Play System Update and uses Google’s Logo just to fool users.
What is “Play System Update” and how does this spyware affects us?
If you don’t know what is actually going on in the Android community, you either just woke up or may be an iPhone user, but that doesn’t matter. Google has implemented a new way of delivering system updates and security patches via Play Store, so that OEMs do not have to wait just to develop for every individual device and push it, and the carriers delaying them further. However this approach is kept as an optional for the OEMs, in fact a certain piece of it that is.
Now back to the spyware. The new spyware was detected by Zimperium, which steals user’s data without the user even recognizing it because it uses Google’s logo. Moreover, this doesn’t even require root access to infiltrate your phone and steal your data.
Once installed, the Remote Access Trojan starts its job by receiving execution commands to steal data from the infected devices. The list of capable targets are contacts, IM messages, SMS, history of your browser, clipboard data and much more.
And if you are rooted, then WhatApp is also affected by the spyware. Although the recent versions had a sort of resistance, the older versions of Android are not. Moreover it is also limited to what to and how much to steal and send data, so that user doesn’t notice about the breach and the abnormally high data-transfer rates. Thankfully this spyware has not yet made to the Play Store, else we could have seen a chaos in the digital world (Yup, just finished watching some anime, so feel the effect here ).