There’s a terrifying new type of malware targeting Android cell phones. Called GhostCtrl, this ZDNet story describes it as “one of the most advanced Android information-stealers ever discovered, enabling attackers to open a backdoor in order to monitor data, steal information, record audio and video, and even infect the phone with ransomware.”
Researchers are warning the malware, which is believed to embody three versions right now, could evolve and become even more dangerous.
Trend Micro detected the malware and named it. You can read all the nitty-gritty code details here.
The malware can reportedly:
- Steal data, including call logs, text message records, contacts, phone numbers, location and browser history
- Record audio and video without you knowing it.
- Gather info about the phone, including battery level, wi-fi etc.
- Be mobile ransomware: “It can lock the device’s screen and reset its password,” according to the Trend Micro blog post. So how can you stay safe? By knowing how users become infected. In this case, it’s by “downloading fake versions of legitimate apps, like WhatsApp and Pokemon Go.”
As always, to prevent your phone from being infected with this dangerous malware, you should:
- Only install applications from legitimate sources (i.e., the Google Play Store). That being said, you might want to consider limiting the apps you download in general, since location tracking Android spyware has been found in the Google Play store as well.
- Don’t put off updating your devices. As soon as new updates are released, take the time to install them.
- If you own a business or have children with phones, consider restricting permissions on the devices so that people can’t inadvertently download malware.
Are you covered for identity theft?