Hackers are now using a combination of malicious apps and brand impersonation to steal the passwords and other sensitive data of unsuspecting Android users.
As reported by The Hacker News, a new malware campaign has been spotted online in which malicious Android apps pose as Google, Instagram, Snapchat, WhatsApp, X and other popular online services in a bid to harvest contacts, text messages, call logs and of course, passwords from vulnerable Android phones.
Although security researchers at SonicWall’s Capture Labs team know quite a bit about this new campaign so far, they aren’t quite sure how the malicious apps used in it end up on the best Android phones. However, these fake apps could be spread on phishing sites, through emails or text messages or they may even come bundled with pirated software.
While we’ll likely learn more regarding the intricacies of this campaign and the hackers behind it once SonicWall does, in the meantime, here’s everything you need to know to avoid getting a nasty malware infection on your own Android phone as the result of a malicious app.
From a fake app to fake login pages
According to a blog post from SonicWall, once the malicious app used to distribute this malware is installed on a victim’s phone, it then uses famous Android app icons from popular apps and online services to hide in plain sight.
When the malicious app is opened for the first time which could easily happen by mistake as it’s impersonating another app, it requests access to two permissions: Android Accessibility Service and Device Admin Permission. If a potential victim grants the app access to these sensitive permissions, it can then take control over their phone and steal sensitive data from it without their knowledge.
The…
read more www.tomsguide.com
Terms of use and third-party services. More here.
Soccer | NFL | NBA | Ads. Amazon
Sports Fan Rings | Sports Fan Football | Sports Fan Jerseys | Sports Fan T-Shirts | Sports Fan Shoes | Sports Fan Jewelry | Puffer Jackets |