Researchers at Lab52 have discovered Process Manager malware capable of recording audio, tracking the user’s location.
This application is hidden inside some applications on Google Play, once installed, it will try to hide on the victim’s device with a gear icon, making users mistakenly believe that this is part of the system.
According to Lab52, this malicious code was previously linked to Turla, a famous hacker group believed to be supported by the Russian state. This group specializes in using custom malware to target European and American systems, mainly for espionage.
Malware running in the background on the phone. Photo: Lab52.
After being installed and granted system permissions, the application will steal the victim’s data, eavesdrop and track the user’s location.
On first launch, this malicious app will claim access to location, network status, camera, contacts, external storage, call logs, Foreground service, messages, recordings.. . to collect the device’s location, send and read texts, access memory, take photos/videos with the camera, and record audio.
After being granted the above permissions, this spyware will remove the icon from the screen and silently run in the background making it very difficult for users to detect.
This malware was discovered lurking in the Roz Dhan: Earn Wallet cash app on the Google Play Store.
If you have installed it by mistake, please remove this application immediately by going to Settings -> Apps -> Manage apps, find the malicious application name – > click Uninstall.
at Blogtuan.info – Source: gamek.vn – Read the original article here