Malware specializes in stealing private chat content on Android
Android smartphones are being targeted by a new type of malware that specializes in stealing users' private chat content on applications such as Facebook Messenger, Skype,...
Discovered by experts from cybersecurity company Trustlook, the malware modifies the "/system/etc/install-recovery.sh" file inside apps, then immediately extracts data, even when the device has been rebooted.
|
| Hackers are increasingly rampant with malware for smartphones. |
After infecting the first app, Cloud Module, under the name com.android.boxa, the malware is now spreading across China. Trustlook warns that the malware is difficult to detect, so it can easily bypass Android's security layers.
The list of apps that could be affected by this malware includes Facebook Messenger, Twitter, Skype, Telegram, Tencent WeChat, Viber, Weibo, Voxer Walkie Talkie Messenger, Gruveo Magic Call, Line, Coco, BeeTalk, TalkBox Voice Messenger, and Momo.
The warnings also note that Android users should only install apps from Google Play. However, it is possible that devices could be infected with malware after downloading content from emails or third-party websites.
The data, once illegally collected, is extracted and sent to a remote server. Trustlook said it is likely that the malware that steals this information is used for ransom.