CDSA

Irremovable Data-Stealing Android Malware Poses as Google Chrome Update (ZD Net)

[svg-table-content]

A banking and personal information stealing mobile malware posing as a Google Chrome update for Android, and which can’t be removed from the infected device, has been spotted in the wild by cybersecurity researchers.

The infostealer malware – discovered by the Zscaler ThreatLabZ research team – is capable of harvesting banking information, call logs, SMS data and browser history which are all sent to a remote command-and-control server.

Rather than being served by one URL, the malware squats on multiple domains which are similar to existing Google updates. Each URL is only active for a short amount of time, with the addresses serving the malware regularly updated and replaced in order to ensure it avoids detection.