JAKARTA - There are always loopholes for digital security. And recently, smartphone security researchers Zimperium discovered the presence of malware that is sophisticated enough to disguise itself as an Android system update.
The malware is found in the "Application Update" package that appears on the user's screen. Surprisingly, instead of being updated via Google Play, users are redirected to another page and then install it via a third party.
If installed, this application will hide malware. The malicious program is in charge of sending data from the victim's device to the destination server.
Researchers from Zimperium who discovered the malicious application revealed that malware is able to steal various data on the device. Such as messages, contacts, cellphone information, pages stored in browser applications, search history, call recordings.
Not only that, malware can also use a microphone to record sound and activate the camera to take pictures. The malware is also tasked with tracking the user's location, searching for document files and retrieving copy data from the device.
Compared to other malware that has been found, this new type is also recognized to be able to hide itself better. By reducing data consumption. Instead of sending large data, this malware only uploads files in the form of thumbnails.
Easy TargetsCEO of Zimperium, Shridhar Mittal revealed that the malware is most likely part of a targeted attack. According to him, the malware program is the most sophisticated he has ever encountered.
"In my opinion, it took a long time and a big effort to make this application. We also believe that there are similar applications out there, and we are doing our best to find it as soon as possible, "said Shridhar quoted from TechCrunch, Monday, March 29.
Tricking users into installing malicious apps is an easy and effective way to take control of the victim's device. Therefore, the Android operating system always reminds users not to install third-party applications other than the Play Store.
However, because old Android devices are no longer able to run the latest version of the application, it eventually forces users to rely on application store services other than the Play Store.
In fact, according to Mittal's findings, malicious applications are usually never published on the Play Store. Usually, similar applications can be found on other application providers.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
