Beware of Malware Disguised as Google Chrome: How to Protect Your Android Device
The online realm presents dangers for unsuspecting users as threat actors aim to steal personal data. A new malware has emerged targeting Android users, masquerading as Google Chrome, a widely-used search engine. Android users of Chrome must be vigilant against this dangerous threat.
Recent revelations by cybersecurity experts expose a significant menace to mobile security, particularly for Google Chrome users on Android. An advanced iteration of the Android XLoader malware, affiliated with the threat actor 'Roaming Mantis,' poses a grave concern as it can self-execute without user intervention.
According to reports, the malware spreads via SMS texts containing shortened URLs, directing users to a webpage and prompting the download of an Android installation file (APK) disguised as a benign mobile app.
McAfee researchers, cited by BleepingComputer, underscore the malware's sophistication. This new variant not only infiltrates devices but also self-activates post-installation. Posing as 'Chrome' with a stylized 'r,' it deceives users into granting continuous background running privileges. It coercively urges users to designate it as the default SMS application, employing messages in various languages.
The malware autonomously conducts nefarious activities, compromising sensitive data such as passwords, messages, photos, contacts, and critical hardware information.
How to Protect Your Android Device
McAfee has reported the issue to Google, but users should also enable Google Play Protect on their Android devices. This can be achieved by accessing the Google Play Store, clicking on the profile picture, selecting 'Play Protect,' and activating the service.
Additionally, users should exercise caution by avoiding visits to unreliable websites and refrain from downloading content from unofficial sources. It is advisable to download software exclusively from the developer's official website. Furthermore, users should remain vigilant while engaging in online gaming, wary of sporadic download links appearing on-screen.