Fake Android Messaging App Can Secretly Track You And Steal Your DataRecently, it appears like cyber criminals have been turning their spotlight to trending messaging applications to trap clients into installing malicious software or more awful, giving away their sensitive data. We all heard WhatsApp phishing campaign it is designed to take your data and your well-deserved money.
But, it looks like that's not the only insidious fraud going on this week. Truth be told, the most recent malware is piggybacking the messaging app's popularity and can expose more damage also do far worse harm to its casualties.
What is GhostCtrl?
GhostCtrl is a newfound Android malware that's being spread around camouflaged as trending applications like WhatsApp and Pokemon Go. Uncovered by security specialists at Trend Micro, the malicious application opens a secondary passage on your mobile phone and is prepared of secretly recording audio and video, SMS tracking, resetting your mobile phone's password, thus locking you out of your own phone!
It can likewise track your phone activity and steal your personal information like pictures, call logs, contacts, and browser history. So, this Android application can secretly control many of the infected device’s functionalities.
It gives off an impression of being built on multi-platform malware OmniRAT, a tracking tool for Android, Linux, Windows, and Mac, yet GhostCtrl was designed exclusively for tracking Android devices. It is additionally part of the greater RETADUP information theft worm campaign that targeted two Israeli hospitals in June.
Up until now, three versions of GhostCtrl have been identified with more advanced hijacking features included for each newer variant. The primary version of GhostCtrlhas a structure that empowers it to gain administrator-level privilege.
While it had no capacity codes at the time, the second version did. The second version added more device features to hijack. It can lock the phone’s screen and reset its password, and furthermore root the infected phone.
It can likewise hijack the camera, create a planned task of taking pictures or recording video, then surreptitiously upload them to the C&C server as mp4 files. The third version joins the best of the prior adaptations’ features – to say the least. It incorporates obfuscation techniques to hide its malicious routines.
Build on the techniques each employed, the researchers said the malware is probably going to acquire more functionality in future versions. Users can be infected by downloading fake versions of legitimate applications like WhatsApp from third-party application sources.
Once opened, the malware installs a malicious package that can take control over your mobile phone while opening a backdoor connection to its command and control server.
How Can You Protect Yourself?
To secure your Android phone from GhostCtrl infections and other malware attacks in general, abstain from downloading and installing applications and APK packages from third-party sources. Just download applications from the official Google Play application store and ensure you check user reviews, too, before installing any app.
You need to keep your device updated with the most recent security updates and to turn on data encryption for your telephone.
Finally, keep regular backups of your information to secure against sudden information loss or ransomware.