Android warning: do not obtain some other app earlier than you recognize about these nasty new threats

Android users are constantly being warned of new threats to their devices, but 2021 could be the worst year yet. A new report from security experts at McAfee revealed the extent of the problem, with the company saying “2021 is emerging as a year of malware misinformation and underhanded attacks”. These new threats range from annoying adware that fills devices with endless pop-ups to more serious banking malware that is capable of stealing personal financial information and accessing accounts.

Google has worked hard to make its Play Store far more robust, but it appears that hackers are now using new techniques to infiltrate devices. One of the most popular ways to access smartphones is to trick Android users into installing apps through text messages or social media posts.

Unlike Apple’s iPhone, Android is a much more open platform, which means that applications can be installed from sources outside the Play Store. This makes it a prime target for hackers who want to steal data.

So, if you own an Android phone, here are four of the biggest threats to watch out for this year.

BANK MALWARE

Banking malware has seen a boom in the past few months, with McAfee Mobile Security seeing a 141 percent increase between Q3 and Q4 2020.

Most banking Trojans are distributed using mechanisms such as phishing SMS to bypass Google’s verification process. These malicious apps appear as a kind of security scanner with names like OutProtect, PrivacyTitan, GreatVault, SecureShield, and DefenseScreen

Once activated, they pretend to scan the phone for problems but simply look for apps related to the targeted financial institutions like online banking. If one is found, the malware notifies the user that a popular app such as Google Chrome, WhatsApp or a fake PDF reader is out of date and presses for an immediate update.

Clicking the Update Now button will download additional malicious code and prompt the user to enable accessibility services, giving the app complete control over the user’s device.

COVID FRAUD

Scammers will stop at nothing to access devices and have even sunk so low that they are harnessing the COVID pandemic for financial gain.

With most of the world still fearful of COVID-19 and vaccinations, cyber criminals target those fears with fake apps, text messages, and social media invitations.

According to McAfee, malware and malicious links hidden in these fakes are displaying advertisements trying to steal banking information and credentials.

One of the earliest coronavirus vaccine scam campaigns was recorded in India in November 2020, before vaccines were approved in the country. This operation started with SMS and WhatsApp messages encouraging users to download an app to apply for the vaccine. However, it was just a trick to get personal information.

ETINU THREAT

Another nasty threat called Etinu has the ability to steal incoming SMS messages using a notification listener feature. The kicker of this malware is that it can read a message without triggering SMS read permission or read receipts.

This allows the app to process information in the messages without notifying the user that messages have been read.

It can use these features to make purchases and sign up for premium services and subscriptions that will be charged to the user’s account.

Commenting on its latest threat report, McAfee said, “To avoid security reviews, many malware authors try to distribute their apps through text messages or links on popular social media sites.

“Others write apps with minimal but legitimate functionality, insert malicious code during an update when control is decreased, and then download additional encrypted packages to disguise the real malware.

“Last year, cyber criminals expanded the methods they used to hide attacks and scams, making them more difficult to identify and remove.

“Before downloading anything to your device, do a quick research on the source and developer. Many of these have been reported by other users.”

“Many malicious apps get the access they need by asking the user to give them permission to use independent permissions and settings. When installing a new app, take a moment to read these requirements and decline any unnecessary requests, especially for accessibility services and access to message notifications. “

Leave A Reply

Your email address will not be published.