Notebookcheck Logo

An Android app calling itself "System Update" is unmasked as malware by a security company

The fake System Upate app's on-screen presence. (Source: Zimperium)
The fake System Upate app's on-screen presence. (Source: Zimperium)
According to the cybersecurity specialists Zimperium, a non-Google Play Store app masquerading as a system-update tool found online is in fact Android malware. Once installed on devices via side-loading, it apparently steals information ranging from SMS messages to clipboard data. It may also hijack phone cameras and mics to spy on unsuspecting users.

Zimperium has published a blog post warning Android users off installing an app called "System Update", asserting that it is in fact a form of malware capable of stealing a wealth of personal and sensitive information from their phones or tablets. This software may be found online by searching for the name in question, and may even have a convincing-looking Google logo as an icon, but is not found on the Play Store.

Once installed, this humdrum-looking app allegedly starts communicating with its maker's command and control (C&C) server via the Firebase system, sending it information on subjects such as how its new host connects to the internet, its battery stats and whether WhatsApp is installed or not.

This is because it is apparently a form of malware called a Remote Access (or RAT) trojan, and may thus be capable of sending all kinds of user data back to its C&C server. They may include messages (whether from apps such as WhatsApp or thoes sent via SMS); recorded phone-calls; GPS-derived location info; browser search histories and even the contents of clipboards or notifications.

Therefore, they may allow a malicious actor to find out an awful lot about a given device's owner. Moreover, Zimperium notes that RATs are also capable of periodically activating a phone's cameras (front- or rear-facing) and mics for further spying potential. All in all, this new report may be a timely reminder to Android fans that they should definitely be careful of what they side-load.

Source(s)

Read all 3 comments / answer
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
.170
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2021 03 > An Android app calling itself "System Update" is unmasked as malware by a security company
Deirdre O'Donnell, 2021-03-28 (Update: 2021-03-28)