Posted On 10 Apr 2021
A new Android malware threat has been identified that can mine an infected device and transmit sensitive information to its controllers. This new threat comes disguised as a system update, telling users to download it from a third-party store. Once it’s downloaded, it follows the instructions of a command-and-control server that’s capable of spying on virtually every feature of an Android device, including recording phone calls, taking pictures, stealing images, sending data location information, stealing address books, viewing browsing history, etc. Worryingly, WhatsApp, the most popular messaging application, is vulnerable to database theft using this app. Once the app has found its way onto a device, it can be very difficult to identify, as it hides its icon and only steals thumbnails when a user is using mobile data, so they are not tipped off by the increased bandwidth use; once the user is connected to Wi-Fi, the app sends out the full information.
Obviously, the best way to combat this malicious app is never to download it in the first place. Users should never download apps from third-party sources; going through Google Play Store adds an order of magnitude of security, and Google have confirmed that this malware was never available for download on their store.
Flagstar Bank, which has headquarters in Michigan and is in the top 75 largest US banks list, has had to admit that cyber criminals from the Clop ransomware gang successfully infiltrated its infrastructure and stole the private details of staff and customers. The criminals soon up the ante to make the bank pay the ransom by publishing details of staff addresses and contacting customers to inform them that they were in possession of personal information. Many customers have expressed extreme dissatisfaction with the way the bank has handled matters, particularly customers who left the bank some time ago but whose details we are still being held. The bank has attempted to apologise by offering all affected customers two years of free credit monitoring and identity protection services, although whether customers will want to trust the bank with the information required to set these up considering what has happened remains to be seen. In the meantime, the bank has warned customers to doublecheck any communication which allegedly comes from the bank, as it may in fact come from the criminals; customers may also benefit from closely monitoring their accounts to check unusual activity and to report it immediately it occurs.