Regular readers of this blog know it’s risky to install Android apps from anywhere but the official Google Play Store.
As explained in this report from Zimperium’s Mobile Security Blog, a new malicious app called ‘System Update’ proves that point as well as any app ever could.
This devious app’s name implies that it can be used to update the software on your Android device.
However, what it really does is scan your smartphone or tablet for every scrap of sensitive information it can find and then send it to a scammer via the Internet.
Zimperium’s analysis concluded that this incredibly invasive app does all of the following:
- Steal instant messenger messages
- Steal instant messenger database files (if root is available)
- Inspect your device’s default browser’s bookmarks and searches
- Inspect the bookmark and search history from Google Chrome, Mozilla Firefox, and Samsung Internet Browser
- Search for files with specific extensions (including .pdf, .doc, .docx, and .xls, .xlsx)
- Inspect the content of your device’s clipboard
- Inspect the content of your notifications
- Record audio
- Record phone calls
- Periodically take pictures through either the front or back camera
- Inspect the list of your device’s installed apps
- Steal images and videos
- Monitor your device’s GPS location
- Steal SMS text messages
- Steal your phone contacts
- Steal your call logs
- Exfiltrate device information (e.g., installed applications, device name, storage stats)
- Conceal its presence by hiding the icon from the device’s drawer/menu
As you can see, there is virtually no piece of information on your device that this especially nasty malicious app doesn’t steal or otherwise compromise.
The good news is most Android users don’t have this app installed on their devices. And chances are you don’t either.
If you never install any apps from a location other than the Google Play Store you can rest easy because ‘System Update’ has never been available for download from there.
By default your device cannot install apps from third-party app stores and download sites, and that’s a good thing. If you have never changed the setting to allow third-party downloads I strongly recommend that you don’t.
If you have instructed your device to allow apps to be installed from third-party sites you need to check the list of installed apps ASAP to see if ‘System Update’ is listed among the other apps in your Apps List.
Understand that this app has nothing to do with the “System Update” info and options found in your device’s Settings screens.
This is a stand-alone third-party app that will be found in your device’s Apps List if it’s installed on your device.
If you find that ‘System Update’ is indeed installed on your Android phone or tablet you should uninstall it immediately.
Bottom line: This is one of the most dangerous malicious apps ever created. If you have it on your Android phone or tablet you need to uninstall it immediately!
It would also be a good idea to install AVG for Android as well and allow it to check your device for other hidden malware. Just sayin’.
Never miss a tip! Click here to sign up for my free Daily Tech Tips Email Newsletter!