Android Malware Could Be Tracking You
Android Malware Uses Loophole To See Your Data
Scares for Android malware regularly hits the news, but they’re usually never taken too seriously. A recently found Android malware has shown us that you should never underestimate the lengths malicious organizations will take to grab your data.
The new Android malware has been dubbed GhostCtrl by Trend Micro. Interestingly, Trend Micro has already spotted three different variations of this malware, and it’s expected to evolve over time. GhostCtrl can apparently use an Android device to hijack Windows, Linux, and Mac PCs.
GhostCtrl is often hidden in third party installations for popular applications. Once an unknowing user installs it, they’ll be giving the app full permission to access the entire Android smartphone. After this, the GhostCtrl creators can use techniques such as data mining, SMS tracking, and keyloggers to gather personal information about users.
GhostCtrl can remotely reset the passwords of your device, connect to Bluetooth devices, and more scarily, cause havoc to any PCs that the device gets connected to. The GhostCtrl malware can also remotely download more files onto your device, potentially opening up your device for more infections.
The same Android malware can even reach out to your contacts, send out SMS messages and download your text history. It’s likely that this information is then sold on to other malicious organizations. These organizations will go through your data and find any valuable information they can get their hands on.
This information could include bank details, your physical location, work address, and personal contact information for your close family.
The GhostCtrl Android malware was carefully created to gather data from infected devices. The rise of such a malware makes it abundantly clear that smartphone users should use the same security practices that they use on a PC.
More importantly, Android users should never download apps from third party sources unless the source is 100% trusted. This means users should focus on only ever downloading apps from the Google Play Store.
Sometimes, malware can even briefly slip onto the Google Play Store, so for additional safety, users should install an anti-virus and security application on their device to keep themselves safe. Android owners should also carefully check the permissions that each app asks for when they are opened for the first time.
Since Android 6.0 Marshmallow, all apps must get the owners permission to access certain features of your device. For example, an app that needs to save data to the storage must get permissions to access the internal device storage. An app that takes pictures must get permission to use the camera module.
In some cases, apps will ask for permissions that the functionality of the app doesn’t require. In this case, a user should always be extra vigilant. An example of this is when a utility app (for example, a flashlight) asks permissions to access the contacts on your device.
Another suggested security practice from Trend Micros is to keep your smartphone software up to date. Android owners should regularly visit the settings menu to check for updates. If updates are pushed out, Android owners should download them as soon as possible.