TECH TUESDAY: New Android Malware Disguises Itself as a Chrome Update

internet data virus malware scan find harm mobile phone



We share a lot of news on malware and threats because being armed with information is a good thing. When it comes to staying informed, we’re hoping you find Curious to be a place to visit, especially when it comes to being safe online. It may sound like we are repeating ourselves when it comes to matters of cybersecurity (and I’m pretty sure I’ve said that before, too), but this is because as hard as we try to protect ourselves from identity theft, data breaches, and other online threats, black hat hackers are working harder to create ways and means of getting to our most sensitive of data. You could say it’s like dealing with supervillains that refuse to take a break. What is incredible to me is seeing how some malicious hackers continue to use tactics that are simply variations on old tricks. No doubt you’ve received spoof alerts from vendors like PayPal, Amazon, or Wells Fargo Bank all claiming that “your account will be suspended” when, in fact, the links provided lead you to a site that is not affiliated with PayPal, Amazon, or Wells Fargo Bank. Sometimes, these bogus notifications of account suspensions, upgrades, or the like are hardly trying to fool you. Other attempts, however, are hauntingly accurate.

And scarier still are when these malicious hackers emulate mobile apps. What can appear as “yet another app update” can be an opportunity for hackers, counting on you being in a hurry or on the go, too busy to notice anything out of the norm.

mobile devices and coffeeThis new malware exclusive to Android-running devices disguises itself as a Chrome update. ThreatLabZ discovered this malware in an Android Google Chrome update, using domain squatting (which is when domains are purchased but developers do nothing with them) to mix up host names similar to verified Google updates. At a glance, the URLs appear to be trustworthy Google sites but are quickly swapped out with malware URLs, effectively evading any URL-based filtering. ThreatLabZ have designated this malware as an info-stealer, but its first objective is shutting down any and all security apps you may have on your device. After your device is registered on the hackers’ designated server, phone numbers from all call activity and text messages are harvested. Finally, credit card information is stolen through a fake payment page that appears once a user opens the Google Play store. This particular info-stealer can only be removed from a device through a factory reset which means any new data collected from your last backup will be lost.

Malware may arrive from compromised or malicious websites using scareware tactics (an alert appearing that says, “Oh, your computer is infected! Click here to clean it!” which in a bitter twist of irony infects your computer) or masquerading as updates. An easy way to avoid this sort of trouble is to stay away from questionable websites in the first place, but it is a bit like telling someone “Don’t laugh…” as site containing free media like books, films, and music are rife with malware.

Think twice about clicking “OK” on sites you can’t verify. If you are on a site you cannot be certain is a legitimate, secure location, tread carefully. Tread carefully when reminded by your phone of an unexpected update. Hackers count on you not paying attention which, in the constant bombardment of data we receive, is easy to do.  

Be very, very careful. That is something your privacy counts on.


shurtz.jpgA research physicist who has become an entrepreneur and educational leader, and an expert on competency-based education, critical thinking in the classroom, curriculum development, and education management, Dr. Richard Shurtz is the president and chief executive officer of Stratfdord University. He has published over 30 technical publications, holds 15 patents, and is host of the weekly radio show, Tech Talk. A noted expert on competency-based education, Dr. Shurtz has conducted numerous workshops and seminars for educators in Jamaica, Egypt, India, and China, and has established academic partnerships in China, India, Sri Lanka, Kurdistan, Malaysia, and Canada.

Leave a Reply

Your email address will not be published. Required fields are marked *