According to some researchers at mobile security firm Zimperium zLabs, a new malware that impersonates as a critical software update is reportedly threatening all Android-powered devices. The advanced malware is fully capable of stealing personal information like messages, pictures and contacts from these devices and can fully control them, reported News 18.
The malware comes along with an app called 'System Update' that has to be downloaded and installed outside of Google Play store.
"It is easily the most sophisticated we have seen. I think a lot of time and effort was spent on creating this app. We believe that there are other apps out there like this, and we are trying our very best to find them as soon as possible", said Zimperium CEO Shridhar Mittal.
"Apart from the various types of personal data stolen from the victim, the spyware wants more private data such as the victim’s bookmarks and search history from popular browsers like Google Chrome, Mozilla Firefox, and the Samsung Internet Browser", read the blog post by Zimperium zLabs reporting the issue.
One of the easiest ways to avoid this fraudulent practice is by not downloading files outside of the Google Play store. The malicious “System Update” app, which comes bundled with the reported bug, is not even available on Google Play Store and Google has not talked about the issue yet.