1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • This evil Android malware has one devious USP it doesn't even ne

    From TechnologyDaily@1337:1/100 to All on Fri Feb 9 17:30:05 2024
    This evil Android malware has one devious USP it doesn't even need to be opened to start stealing all your photos and files

    Date:
    Fri, 09 Feb 2024 17:16:49 +0000

    Description:
    Malware still requires shady permissions, but could cause disaster for unsuspecting victims.

    FULL STORY ======================================================================

    Security researchers have spotted new Android malware that doesnt even need user interaction to launch. However, to become fully operational and run the processes it was designed to do - it still needs the victims approval.

    Cybersecurity researchers from McAfee said they observed a new version of XLoader, a known Android malware variant that was used in the past to steal sensitive user information from victims in the US, UK, Germany, France,
    Japan, South Korea, and Taiwan. This new loader is distributed in the same manner as its predecessors - via an SMS message containing a shortened URL, leading to a website hosting the malicious .APK file.

    However, the key difference comes after installation - the victim doesnt need to run the new variant - it automatically launches, and stealthily at that. Google was already tipped off and is working on a fix: "While the app is installed, their malicious activity starts automatically," McAfee said. "We have already reported this technique to Google and they are already working
    on the implementation of mitigations to prevent this type of auto-execution
    in a future Android version." Asking for permissions

    But simply running the app will not suffice, as it still needs vital permissions to start stealing data. To trick the victims into granting them, the malware was given the name Chrome, but via Unicode strings - so the apps font will look slightly off, which should be enough of a red flag. If that doesnt ring any alarms, the permissions the app seeks should: it asks for the ability to send and access SMS content, and to be able to always run in the background.

    As the pop-up messages asking for these permissions are available in English, Korean, French, Japanese, German, and Hindi, McAfees researchers believe
    these are also target countries.

    Among other things, XLoader can steal peoples photos, send SMS messages, extract existing SMS messages to a third-party server, export contact lists, grab device identifiers, and more.

    Via BleepingComputer More from TechRadar Pro New Android malware family has infected thousands of devices - here's what we know Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/this-evil-android-malware-doesnt-even-n eed-to-be-opened-to-steal-all-your-photos-and-files


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)