Android malware disguised as a Google Chrome update
A fake Google Chrome update is being used to spread a new type of Android malware that takes total control of the device, drains the bank accounts of its victims, and reads and manipulates the system logs of calls made and received, incoming and outgoing SMS and much more. It is a full-blown threat that risks seriously compromising our safety and that of our contacts, whose details are now in the hands of the bad guys, who could very well use them to commit their own crimes. Let's find out how the infection happens and how we can defend ourselves with the tools available to us.
Android Virus, all our data and bank accounts at risk
Google Chrome has served as the pretext for a wave of infections on Android devices over the last few days. As in most cases, the infection is mainly due to the carelessness of the user, who ends up fulfilling the hopes of the attackers. They try in every way to ruin the user experience of the Android ecosystem, which is constantly subjected to severe IT security tests.
The new Android virus is transmitted by running a file with the .apk extension, for which, as we know, you must give express authorization by enabling the options that allow apps from unknown sources to be installed. This alone speaks volumes about user behavior. On top of that, although apparently legitimate, the new Google Chrome update released through these channels does not follow the usual update procedure at all, which should make the whole thing sound suspicious at the very least.
Researchers from Zscaler have identified the new Android threat on domains referencing Google, Android and Google Chrome. The installer starts the external installation procedure for a new type of malware that requires the granting of root privileges. Once administrator rights have been granted, the virus performs a thorough scan of the system aimed at building a profile of the machine. This allows it to deactivate the antivirus in advance, steal useful information from the history of our web browser, view call logs and messages and, even more strikingly, try to steal your payment credentials through pop-up windows that appear at the most opportune moment and are in fact indistinguishable from the original ones.
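A defensive triage for the behaviour described above, as an added example that is not from the original article or from Zscaler: it checks the output of `aapt dump badging` for an app that labels itself Chrome without using Chrome's package name `com.android.chrome`, and for permissions matching the data the article says is accessed. The sample output, the package name `com.example.chrome_update` and the permission-to-behaviour mapping are constructed for illustration.

```python
import re

# Package name of the genuine Chrome stable build distributed via Google Play.
GENUINE_CHROME = "com.android.chrome"

# Permissions matching the behaviour the article describes.
# The mapping is this example's assumption, not taken from the malware sample.
RISKY = {
    "android.permission.READ_SMS": "reads SMS messages",
    "android.permission.RECEIVE_SMS": "intercepts incoming SMS",
    "android.permission.READ_CALL_LOG": "reads the call log",
    "android.permission.SYSTEM_ALERT_WINDOW": "draws pop-ups over other apps",
    "com.android.browser.permission.READ_HISTORY_BOOKMARKS": "reads browser history",
}

# Constructed sample in the format printed by `aapt dump badging <file.apk>`.
SAMPLE_BADGING = """\
package: name='com.example.chrome_update' versionCode='1' versionName='1.0'
application-label:'Google Chrome'
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.READ_SMS'
uses-permission: name='android.permission.READ_CALL_LOG'
uses-permission: name='android.permission.SYSTEM_ALERT_WINDOW'
"""


def triage(badging):
    """Return a list of findings for one APK's badging dump."""
    pkg = re.search(r"^package: name='([^']+)'", badging, re.M)
    label = re.search(r"^application-label:'([^']*)'", badging, re.M)
    # Older aapt builds print uses-permission:'...' without the name= key.
    perms = re.findall(r"^uses-permission:(?: name=)?'([^']+)'", badging, re.M)
    package = pkg.group(1) if pkg else None
    name = label.group(1) if label else ""
    findings = []
    # An app calling itself Chrome under another package name is not an update.
    if "chrome" in name.lower() and package != GENUINE_CHROME:
        findings.append(f"label '{name}' but package is {package}, not {GENUINE_CHROME}")
    for perm in perms:
        if perm in RISKY:
            findings.append(f"{perm}: {RISKY[perm]}")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_BADGING):
        print("[!]", finding)
```

A clean result does not prove an APK is safe; the check only catches the mismatch between the claimed identity and the declared package and permissions.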
According to researchers from the cybersecurity company Zscaler, the only useful and effective method to thwart the threat is, to our deepest despair, a complete factory data reset and a wipe of all cache and device data. As painful as it is, this is the only alternative. Use common sense first, that much is clear.
Have you been infected? Did you imprudently provide your card details and have to block the card? Let us know how it went by leaving a comment describing your personal experience with this and other similar problems on Android.