New and Improved Android Malware Disguises Itself to Steal Sensitive Data

The notorious Android malware known as Fake Calls has returned with new and improved ways to evade detection on mobile phones. According to security investigators at Check Point Research, the latest version of this virus possesses the ability to hide its presence on a device by using several techniques.

It first emerged in 2019 and was designed to steal sensitive data from Android gadgets by making fake phone calls. It was spread through fake Android platforms that claimed to offer free mobile data or voice minutes. Once installed, the malware would make calls to premium-rate phone numbers without the user's knowledge, resulting in unauthorized charges.

The latest version of Fake Calls is even more dangerous than before, as it can now hide its presence on a device using several methods. One such technique involves the malware disguising itself as a system application, making it difficult for users to identify and remove. In addition, the malware can now generate fake icons on a device's home screen, further masking its existence.

Check Point Research discovered the new version of this virus after analyzing suspicious activity on a client's Android device. It was found to be capable of executing a wide range of malicious activities, including stealing sensitive data, recording audio and video, and even taking over a device's camera and microphone.

The most recent samples that investigators have collected and examined show that this malware utilizes three additional evasion methods.

The first method, referred to as "multi-disk," alters the ZIP header information of the APK file, setting erroneously high values in the EOCD (End of Central Directory) record to trick automated analysis.

The second method involves altering the AndroidManifest.xml file to obscure its starting marker, changing the structure of the strings and styles, and tampering with the offset of the last string to cause incorrect interpretation.

The third technique adds many files inside nested folders in the APK's asset folder, resulting in file names and paths that are longer than 300 characters.
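A defender-side check for the first and third techniques, as an added example that is not Check Point's tooling or code from the original report. It assumes the "multi-disk" tampering shows up in the EOCD disk-number fields (an APK is a single-disk archive, so both should be zero); the function names and the sample archive are constructed for illustration.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # End of Central Directory signature
CDH_SIG = b"PK\x01\x02"    # central directory file header signature
MAX_PATH = 300             # path-length threshold quoted in the article

def parse_eocd(data):
    """Find the last EOCD record and unpack its fixed 18 bytes of fields."""
    pos = data.rfind(EOCD_SIG)
    if pos < 0 or pos + 22 > len(data):
        raise ValueError("no EOCD record found")
    keys = ("disk_no", "cd_disk", "entries_disk", "entries_total",
            "cd_size", "cd_offset", "comment_len")
    return dict(zip(keys, struct.unpack_from("<HHHHIIH", data, pos + 4)))

def central_directory_names(data, offset):
    """Walk the central directory headers instead of trusting EOCD counts."""
    names = []
    while data[offset:offset + 4] == CDH_SIG:
        n, m, k = struct.unpack_from("<HHH", data, offset + 28)
        names.append(data[offset + 46:offset + 46 + n].decode("utf-8", "replace"))
        offset += 46 + n + m + k
    return names

def audit_apk(data):
    """Return a list of findings for one APK given as bytes."""
    eocd, findings = parse_eocd(data), []
    if eocd["disk_no"] or eocd["cd_disk"]:   # assumption: APKs are single-disk
        findings.append("eocd-multi-disk")
    names = central_directory_names(data, eocd["cd_offset"])
    if {eocd["entries_disk"], eocd["entries_total"]} != {len(names)}:
        findings.append("eocd-entry-count-mismatch")
    if any(n.startswith("assets/") and len(n) > MAX_PATH for n in names):
        findings.append("long-asset-path")
    return findings

def build_sample(tampered):
    """Constructed input: a tiny ZIP standing in for an APK."""
    asset = "/".join(["d" * 40] * 8) if tampered else "a.txt"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", b"placeholder")
        z.writestr("assets/" + asset, b"x")
    data = bytearray(buf.getvalue())
    if tampered:  # overwrite both disk-number fields with a large value
        struct.pack_into("<HH", data, data.rfind(EOCD_SIG) + 4, 0x7FFF, 0x7FFF)
    return bytes(data)

if __name__ == "__main__":
    for label, flag in (("clean", False), ("tampered", True)):
        print(label, audit_apk(build_sample(flag)))
```

The manifest tampering described as the second method is not covered here; detecting it requires parsing the binary XML format of AndroidManifest.xml.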

Vishing is a problem that cost victims in South Korea $600 million in 2020, according to statistics, and there were 170,000 documented victims between 2016 and 2020.

Consumers may protect themselves from these scams by downloading apps from trusted sources, such as the Google Play Store. In addition, they should keep their devices up to date with the latest security patches and install a reputable antivirus app to help detect and remove any malware infections.

The resurgence of Fake Calls highlights the ongoing threat posed by Android malware and the need for users to remain vigilant in protecting their devices. As cybercriminals continue to develop new and more sophisticated malware, users need to take proactive measures to safeguard their data and prevent unauthorized access to their devices.

To sum up, this dangerous malware has so far remained in South Korea, but if its creators develop a new language kit and app overlay to target banks in other nations, the malware could easily spread its activities to other locations.
