A new strain of the GravityRAT malware, previously thought only to affect Windows machines, has crossed over to infect Android and macOS devices. The remote access trojan has been traced to Pakistani …
mac hacker – read more
Researchers at security firm Zscaler explain this version of the malware is being distributed as “Firmware_Update.apk”:
An HTML page serving this malware scares the victim by showing that the device is vulnerable to viruses and to prevent personal data theft, prompting them to install the fake update.
The message, which pretends to come from Google, attempts to frighten Android users into believing that their smartphone or tablet is already infected by malware, and that personal information may be accessible to other internet users.
Your phone is insecure!
Your Android device has 3 critical issues and is vulnerable to viruses.
Some of your photos, chat messages and account passwords may have become visible to others on the internet.
To prevent further data leaks please download firmware update.
Upon installation, the Marcher malware asks for administrative access.
The malware needs those privileges to check for banking and payment apps as well as other well-known services installed on the victim’s device, including Facebook, WhatsApp, Instagram, Gmail, and others. If the user opens any of those apps, Marcher will see it coming, overlay a fake login page, and wait for them to enter in their credentials.
Guess what? The authors of the infamous ZeroAccess malware have pushed out another update, and this time they’re using some interesting techniques to stay alive longer. James Wyke of SophosLabs explains…
Naked Security – Sophos