'System Update' Android App Discovered to Be a Dangerous Spyware to Steal Data—Do Not Download

'System Update' Android App Discovered to Be a Dangerous Spyware to Steal Data—Do Not Download
A new malicious application that steals user data, monitors movements, and actively searches online history has been discovered. This app pretends to update the android phone but, in reality, it serves as a giant spyware program. Photo : William Hook/Unsplash

A new malicious application that steals user data, monitors movements, and actively searches online history has been discovered. This app pretends to update the android phone but, in reality, it serves as a giant spyware program.

Do not download this Android app called "System Update."

Researchers from the mobile security firm Zimperium warned Android users about installing the app called "System Update." They classified this program as a Remote Access Trojan (RAT) that allows hackers to manipulate and access your device from afar. All of these happen discretely, without giving the user any warning that all their data are being stolen right under their nose.

Spyware Code and Programming

Gizmodo reported that this RAT is one of the most sophisticated codes ever seen. The hacker must have spent a great deal of time and effort to create the app. Unfortunately, the same pattern and code might exist with other apps out there.

Figure 15, 16: The Fake notification and communication with the C&C server
(Photo : Zimperium/Website Screenshot)

"System Update" is convincing with its program name and even adopting a fake Google logo icon. "System Update's" logo is a colorless "G" while Google logos often have their 4 prominent colors.

Read Also: Google Hacked in 2020 by US Ally: What Really Happened in Digital Attack?

What Data Does "System Update" Steal

The hacker steals data on instant messenger messages like WhatsApp and database files, as well as call logs and phone contacts, pictures and videos, and all your text messages. Generally, it could access everything on your phone, including the list of apps you have installed on your device.

The spyware app could also hack open your GPS location, so the hacker knows precisely where you stand. It could also hijack your phone's camera to take photos and videos at any time. The app could also hijack your phone's microphone and record audio remotely. There are also traces of this app reviewing user's browser search history and bookmarks.

The app's spyware capabilities are triggered open when your device receives new notifications. This RAT is programmed to automatically record any "activities of interest," such as an incoming phone call. The app would immediately record the ongoing conversation, record the updated call log and upload the contents back to its Command & Control (C&C) server as an encrypted ZIP file. After it steals the data, the app automatically erases any evidence of its activities.

How to Avoid

Fortunately, "System Update" is not found on the Play Store. However, extra caution is needed when downloading from third-party stores from the internet because rogue apps such as these are becoming more significant in recent times.

It is better to limit the number of apps you install on your device. Also, be sure to check the validity and license of these apps before downloading them. Take these warnings into consideration, and you can be sure to avoid the dangerous traps of these malicious apps.


Related Article: WhatsApp Status: What to Do and Who to Contact if Your Account Is Hacked 

© 2017 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost