Android users have been warned regarding a new variant of malware which has the ability to not only spy on the users but also to record what the user is doing.
The malware can carry out a range of vicious surveillance functions tasks like spying on text messages and audio as well as video recording. It can intercept messages.
This malware which is named HeroRat can perform other tasks such as controlling the settings of a device, get the location of the victim, make phone calls and obtain phone contacts.
How does it work?
Cybersecurity researchers at ESET uncovered this software that attempts to deceive users into installing it with grand promises.
This malware hides behind the garb of an Android App which can reportedly offer free cryptocurrency to victims, more followers on social media and free internet connections.
When the victim installs this application, the malware leverages the bot function.
Once downloaded it then powers the bot functionality of the widely acclaimed Telegram application to control the Android phone.
More than 200 million people use the Telegram app.
What does it do?
In a blog post describing how the software operates, ESET’s security expert Lukas Stefanko said that having obtained access to the user’s device, the actor then dominates the bot functionality of the app to manage the recently infected device.
A bot controls all the infected devices. The attacker used the application to set up and operate the bot.
This malicious software has a broad host of surveillance and file exfiltration abilities, such as obstructing text messages, forwarding text messages and making phone calls, voice and video recording, receiving device location, and regulating the settings of the device.
How can you protect yourself?
As mentioned in the blog post, the best way to prevent this malware from infecting your device is to always install applications from the official Google Play Store,
Stefanko added that users should do the following to secure their devices:
- Download applications only from the Google Play store.
- Go through the user reviews before installing any app.
- Check which permissions you are giving to the application pre as well as post installation.
Do not install unknown applications
Do not download applications from unknown and unreliable sources. You might get lured into downloading apps but avoid installing APK files from app links. Stick with Official store while downloading applications.
Keep your device up to date
Every month security patches are made available for Android. These patches keep your device safe from malware, especially when a specific vulnerability which might be exploited is discovered.
Read the permissions
Do not hit the “Accept terms and conditions” button without reading the text. Whenever you download an application, go through the agreements asked by the app. Apps containing malware require excess permissions such as access to the camera, etc.