While you’ll probably hear us recommend that you update as soon as possible at every opportunity, the source of these updates is important to consider. This is especially the case now that mobile security firm Zimperium has discovered a new mobile spyware that pretends to update your mobile device… but actually steals data and monitors the user’s search history and location.
Called “System Update,” many Android users have already fallen victim.
What “System Update” Does
The Remote Access Trojan (or RAT) that powers this spyware isn’t available through the Google Play store. This means that this message/contact/device info/browser bookmark/search history/microphone and camera access-stealing application isn’t available to most users.
However, should a user download it, the app could continuously track their location with the application kicking into effect whenever new information is sent to the device. The app then covers its tracks once your data is stolen, making it something that should not be taken lightly.
How is System Update Being Spread?
Perhaps unsurprisingly, phishing has proven to be an effective means for the System Update application to be spread. Despite repeated warnings from Google to never install applications from outside the official Google Play Store, many—especially those with aging devices—seek out new apps and options from other, far less trustworthy sources.
How to Protect Yourself
First, don’t download applications from outside of the Google Play Store. While some malicious apps have snuck past the review process to appear on its pages, this is a very rare occurrence. Question every attempt made to send you to another source of a download, erring on the side of avoidance.
Dresner Group can help your business do even more to protect your business from these kinds of threats, providing and using tools like mobile device management (MDM) and a Bring Your Own Device (BYOD) policy. Give us a call today to learn more at (410) 531-6727.
Comments