News hardware Russian hackers can track you with this app
Beware of Android smartphone users, your personal information can be stolen by clicking in the wrong place. Many phones are targeted after inadvertently downloading a very shady app.
An application that hacks Android smartphones
Malware is very present on Android as you can download applications without going through the official store. This opens up more opportunities for hackers who come in large numbers, increasing the danger tenfold. This vicious circle is still raging here with hackers using malware discovered by the Lab52 site, with the aim of downloading an application that steals data.
After accidentally clicking a malicious link, the malware is downloaded and the “Process Manager” application takes its place among the list of apps.
When the user clicks on the application, a message is displayed just as many times during a first launch asking for no less than 18 permissions to “operate”, including location, GPS, camera, audio settings, contacts, storage … As long as the person accepts, it is won for hackers.
The icon then disappears, making it harder to spot. However, it still works in the background and we find the logo at the top of the notification bar. There is a cascade of processes that run to extract as much personal information from the device as possible.
The Russians would be the perpetrators of this attack
According to the analysis by the Lab52 researchers, the structure, the IP addresses and the method strongly suggest the FSB, the Russian security service. Nothing is certain, even if we find the Russian language in the code lines.
Malware analysis reveals that hackers are using the overloaded smartphones to download another app called Roz Dhan. The principle is to earn money by doing simple tasks such as spending time in the app, playing games or visiting sites. Roz Dhan is very popular in India and could question the involvement of Russians in this story.
In any case, remember to equip yourself with an antivirus program and not click on a link that seems suspicious to you.
Through RommBJournalist jeuxvideo.com
P.M