Android vulnerability detected; this new malware can share your info in cybercriminal's server

Security researchers at Kaspersky labs found new Android malware which can steal details from a smartphone and then cam send it to the cybercriminal's server

If you compare iOS and Android security supports, then you will find out that as per almost every tech expert the Android is much more vulnerable to security flaws. Even the apps which are available in Play Store and iOS apps in the App Store, most of the malicious apps have been found in Android phones.

While the Android users are receiving security warning almost every day, researchers at Kaspersky labs revealed their new finding of brand new Android vulnerability which could be extremely terrifying for the users.

Malicious activities

samsung galaxy s6 edge android nougat update
Android vulnerability Albert Gea/Reuters

The research team at Kaspersky labs found a new threat for Android users which could leave the smartphone users vulnerable to malware attack which can infect and then perform a huge array of unwanted activities without the owner's knowledge.

This newly discovered threat, Trojan-Dropper.AndroidOS.Shopper.a., is a malware. As per the findings, this malware can access to the Play Store, install other dangerous apps and even leave fake reviews. As per the security experts at the firm, just to make sure that the malicious activities won't get noticed by the Android user, the installation window is concealed by the app's invisible window.

The cyber bug in Android

This malware along with downloading rogue apps, can fill the smartphone with annoying adware and it is also capable of displaying the advertisements when the device is locked.

The most dangerous thing about the malware is, it has the ability to disable Google Play Protect. It means that Android users who believe that they can protect themselves from being targeted by such any malicious activities are still vulnerable to the new threat.

The researchers also mentioned that this malware is so dangerous that it can also gain access to the information about victim's Android device which may include country, network type, vendor, smartphone model, email address, IMEI and IMSI. After the collection of such details, all information can be forwarded to the cybercriminal's server.

Advice from Kaspersky

The researchers at the security firm have advised the users to be on the lookout for any apps that don't appear official. They also asked people that "The best option is not to install apps from dubious sources at all, including from ads, whatever they promise. Even if the only danger posed by such apps comes from automatically written reviews, there is no guarantee that its creators will not change the payload at some later date."

In addition, the security experts have mentioned that in such a vulnerable situation mobile security solution can be used to solve the issue as it can detect and block dangerous apps.

Related topics : Cybersecurity