A dangerous new strain of spyware has been identified by researchers, posing a threat to the many millions of Android smartphone users.
In a blog post, security company Zimperium zLabs warns about the “sophisticated” new campaign, which disguises malware as an Android System Update in a bid to trick users into triggering the infection.
Once a device has been infected, the spyware is able to record phone calls, take photos, access messages and much more. Any data collected is then lifted from the Android device via a dedicated command-and-control (C&C) server.
- Check out our list of the best antivirus services out there
- We've built a list of the best endpoint protection services available
- Here's our list of the best ransomware protection right now
According to Zimperium, the malicious download is being distributed via third-party application stores and has never been listed on the official Google Play Store.
Android System Update malware
Unlike other forms of malware, which gather information in an indiscriminate manner, this new strain of spyware is designed to detect certain events and actions before collecting data.
When the spyware detects a phone call is taking place, for example, the conversation is recorded and an encrypted ZIP file is uploaded to the C&C server.
There are also further signs the malware operators are “very concerned about the freshness of the data”, says Ziperium.
“The spyware doesn’t use data collected before a fixed period,” explained the firm. “For example, location data is collected either from the GPS or the network (whichever is the more recent) and if this most recent value is more than five minutes in the past, it decides to collect and store the location data all over again.”
In order to avoid detection, the malware is programmed to immediately delete any additional files it has created on the device as soon as they have been uploaded successfully.
To shield against this new malware strain, users are advised never to download content from third-party app stores and to protect their devices with a leading Android antivirus service.
- Here's our list of the best password managers available