Russian malware on Android is capable of spying using the microphone

A new malware of Russian origin is targeting Android users and is able to use the device's microphone. Lab52 cybersecurity researchers have discovered the existence of a new malware of Russian origin that specifically affects the Android operating system. Spyware spreads in the most traditional way: through seemingly harmless APK files. In detail, this malicious software hides itself in the code of an application called "Process Manager" and, once installed on the victim's smartphone, is able to acquire the data it contains. Mirroring many trusted apps of this type, Process Manager requires a series of permissions, which effectively expose the device to hacker attacks.

Android: how the new Russian malware that can spy through the microphone works As the researchers explain, the malware requires access to the phone's location, GPS data, various nearby networks, WiFi information, text messages, phone calls, audio settings and a contact list. Along with this, the virus also asks for the ability to activate the microphone and take pictures via all the sensors installed in the smartphone, both front and rear. A remote server in Russia gets all this information. The virus acts in a subtle way because, once the required permissions have been obtained, it hides the Process Manager icon from the main page. This is also a rather traditional modus operandi for attacks of this type: letting the user "forget" that they have installed the application, so they can continue to act.

Meanwhile, the virus also installs a malicious application that is exploited by hackers to generate quick profits. The advice, banal but effective, in these cases is to pay close attention to the APK files that open and to the applications that are installed on your Android smartphone, especially those whose origin you do not know or which are full of reviews. to say the least "suspicious". Source: