- New Android Malware Secretly Records Phone Calls and Steals Private Data
Another day another malware, security researchers at Cisco Talos have uncovered variants of a new Android Trojan that are being distributed in the wild disguising as a fake anti-virus application, dubbed “Naver Defender. The malware called KevDroid, the malware is a remote administration tool (RAT) designed to steal sensitive information from compromised Android devices, as well as capable of recording phone calls. Once malware install in your system it start. Record phone calls & audio, steal web history and files, gain root access, steal call logs, SMS, emails, collect device’ location at every 10 seconds and collect a list of installed applications. All stolen data is then sent to an attacker-controlled command and control (C2) server, hosted on PubNub global Data Stream Network, using an HTTP POST request.
Cyber Security Tips: To protect yourself from such a malware
Never install applications from 3rd-party stores.
Enable ‘verify apps’ feature from settings.
Keep “unknown sources” disabled while not using it.
Install anti-virus and security software from a well-known cybersecurity vendor.
Regularly back up your phone.
Always use an encryption application for protecting any sensitive information on your phone.
Never open documents that you are not expecting, even if it looks like it’s from someone you know.
Protect your devices with pin or password lock so that nobody can gain unauthorized access to your device when remains unattended.
Keep your device always up-to-date with the latest security patches.
- New android malware stealing data from popular messenger apps
Today there are various apps which are used to send messages such Facebook, Twitter, Skype, Line, and Viber Targeted by the malware. According to the latest report, Researchers at cyber-security firm Trustlook Labs have identified new Android Trojan that is stealing data from all mainstream instant messaging apps for mobile. The malware can effectively hide its configuration file and some of its modules to evade detection. Its main task is to collect sensitive user data from instant messaging apps and IM clients. Once the malware successfully infects an app, it modifies the “/system/etc/install-recovery.sh” file. After this, it enables the file to be executed every time the infected app is opened.
Cyber Security Tips: To prevent yourself users are strongly recommended that never install third party application, keep using updated antivirus in your mobile, regularly backup your data, avoid opening unknown links or documents and keep your devices up-to-date.