Android users may be getting pinged to update their operating system — but are downloading a form of malware instead. A new spyware is making the rounds that really tunnels into someone's phone, and gains access to details by recording audio and phone calls, taking photos through a device's camera, reading browser history and even accessing WhatsApp messages as well, according to mobile security company Zimperium.
What's uniquely problematic about this malware is that people may be willingly downloading it to their devices, thinking it's a system update. These kind of updates are hardly unusual. Even Apple is pushing a system upgrade because of an exploit targeting iPhones, iPads and the Apple Watch this week.
Krampus malware hits iPhones during the holiday season
But this system update is a bit different in that it's not coming from the Google Play store, but from another third-party location. That alone should be a clue to people that it may not be official. But this malware is also good enough to remove traces of its activity, according to Zimperium, which didn't identify who had created this malware, or is benefiting from the data collected.
Even apps in the official Google Play store may not always play nice. Google has routinely had to pull apps from the Play store, after discovering these programs were not behaving well, whether that was Beauty Camera which pushed out pop up ads to people's phones, or Sonic Spy which also grabbed hold of user's cameras as well.
The malware in this most current case, also constantly updates personal details, refreshing location data and even taking new photographs from the camera every 40 minutes.
Downloading third-party apps from outside the Google Play store for Android devices, or the App Store for Apple, is rarely a secure move. The same holds for operating system updates, which should be updated through official options.