Android malware poses as top apps to steal data — Google, Instagram, WhatsApp all spoofed

Celebrity Gig

Multiple malicious Android applications have been spotted masquerading as some of the platform’s most popular tools, but anyone installing the imposters might get their login credentials or other, very sensitive information stolen from their device.

A report from cybersecurity researchers SonicWall Capture Labs described observing multiple apps pretending to be Google, Instagram, Snapchat, WhatsApp, Twitter, and others, mostly by using icons that look almost identical to the ones used by legitimate apps. 

“This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices,” the researchers said. They did not discuss who the cybercriminals behind the campaign are, or how they go about distributing these apps. An educated guess would be through fake websites, instant messaging platforms, phishing, and more.

READ ALSO:  Samsung says S23 sales ahead of S22; most people buying S23 Ultra

Increasing sophistication

They also didn’t say who the most popular targets are, or where they are located. We have reached out to SonicWall with additional questions and will update the article when we hear back from them. 

Once the malware is installed on the Android device, it will first ask for Accessibility Service and Device Admin Permission permissions (the latter is present in older models), which should be enough of a red flag for anyone. 

READ ALSO:  Study shows AI could lead to inconsistent outcomes in home surveillance

Still, if the victim grants these permissions, the app can then connect to its command-and-control (C2) server to receive further commands for execution, access the device’s contact lists, SMS messages, call logs, and the list of installed apps. It can also send SMS messages; open phishing pages on the web browser, and toggle the camera flashlight.

READ ALSO:  How to protect your personal info after AT&T's data breach

The best way to protect against malicious Android apps is to only download them from legitimate sources, always double-check the ratings and user reviews, and be mindful of the permissions the app is requesting upon installation.

More from TechRadar Pro

Categories

Share This Article
Leave a comment