Digital Trends
Mobile

New Android malware disguises itself as a Chrome update

Aliya Barnwell
By

1 of 5
infostealer malware hides as android chrome av check
infostealer malware hides as android chrome c
infostealer malware hides as android chrome end call
infostealer malware hides as android chrome cc theft
virus phone
There’s a new info-stealing malware hiding out there in a familiar cloak, waiting to infect your Android device. Zscaler’s security research team, ThreatLabZ, discovered the malware, which hides in the form of an Android Google Chrome update.

The domains used by the infostealer look like file names for Google updates, but each URL is only active for a little while before being replaced. It changes URLs like a spy changes clothing in order to remain undetected by URL filters.

ZScaler provided a list of URLs they’ve caught:

http[:]//ldatjgf[.]goog-upps.pw/ygceblqxivuogsjrsvpie555/

  • http[:]//iaohzcd[.]goog-upps.pw/wzbpqujtpfdwzokzcjhga555/
  • http[:]//uwiaoqx[.]marshmallovw.com/
  • http[:]//google-market2016[.]com/
  • http[:]//ysknauo[.]android-update17[.]pw/
  • http[:]//ysknauo[.]android-update16[.]pw/
  • http[:]//android-update15[.]pw/
  • http[:]//zknmvga[.]android-update15[.]pw/
  • http[:]//ixzgoue[.]android-update15[.]pw/
  • http[:]//zknmvga[.]android-update15[.]pw/
  • http[:]//gpxkumv.web-app.tech/xilkghjxmwvnyjsealdfy666/

Director of Security Research at Zscaler, Deepen Desai, told ZDNet, “The malware may arrive from compromised or malicious websites using scareware tactics or social engineering.” An easy way to avoid that trouble is to stay away from questionable websites in the first place, and think twice about clicking “Ok.”

He said, “One common theme we have seen in recent malicious android application packages involves scareware tactics where the user will see a popup indicating that their device is infected with a virus and asks them to update to clean up infection.”

After downloading, the fake update called “Update_chrome.apk” prompts unsuspecting Android users to grant it admin access. If they agree, the malware seeks out and nullifies any already installed security or antivirus apps like Avast, ESET, Dr. Web, and Kaspersky to prevent them from functioning as they should.

Once the security software is crippled, the fake Chrome goes about tracking all texts and calls, sending the info to a command-and-control server. The malware can even hang up on unknown callers. If the Google Play Store is installed, it will show a fake credit card payment page that looks eerily close to the real one. If the user falls for that, the malware will send the CC info to a Russian telephone number.

Since the user can’t revoke its admin access, once the user gives the fake chrome infostealer admin access, the only recourse is to factory reset the device.

Editors' Recommendations

Don't Miss

Here are 20 portable tech gadgets you'll want to use every day
Up Next

60 percent of government data requests from Facebook come with a gag order
Winegard-Flatwave best indoor HDTV antennas
Home Theater

Banish the bunny ears (and monthly bills) with these excellent HD antennas

When transitioning away from cable and satellite, finding the best HDTV antenna for your area can be touch. To help, we've compiled our picks of the best indoor HDTV antennas you can buy.
Posted By Brendan Hesse, Ryan Waniata
pixel 3 camera lens
Mobile

We tried all the latest and greatest smartphones to find the best of 2019

Smartphones are perhaps the most important and personal piece of tech on the planet. That’s why it’s important to pick the best phone for your individual needs. Here are the best smartphones you can buy.
Posted By Julian Chokkattu
Netflix Expansion
Home Theater

Here’s why you’re not getting Netflix in HD or 4K, and how to fix it

Are you having trouble watching your favorite movies or TV shows on Netflix in HD or 4K? We explain why loading takes so long, why the picture quality fluctuates, and what you can do about it.
Posted By Parker Hall
best hp laptops chromebook 13
Computing

Enjoy Windows on a Chromebook with these great tips and tricks

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so, just in case you're looking to nab some Windows-only…
Posted By Tyler Lacoma
Samsung Foldable Phone
Mobile

Samsung's advanced folding phone needed 'total reconfiguration' to make it real

Samsung has been showcasing bendable display tech for a few years and now a folding smartphone might finally arrive. The Galaxy X, or perhaps the Galaxy Fold, may be the company's first example. Here's everything we know about it.
Posted By Andy Boxall
sony xperia xz3 pocket
Mobile

The Sony Xperia XZ4 shines in case renders from accessory maker Olixar

Sony may have released the Xperia XZ3 in the past few months, but already it's preparing to release a follow-up, the Xperia XZ4. We're learning plenty about the phone now some details have started to leak out, and it's getting exciting.
Posted By Mark Jansen, Christian de Looper, Andy Boxall
Pixel 3 taking a photo
Mobile

Benchmark scores surface for Google's midrange Pixel 3 XL Lite

The Google Pixel 3 and Pixel 3 XL are considered to be two of the best Android smartphones, but it looks like Google could be prepping a midrange line. Say hello to the Pixel 3 Lite and Pixel 3 Lite XL.
Posted By Mark Jansen, Andy Boxall
apple airpower feature
Apple

Rumors say Apple's AirPower wireless charger may finally be in production

At its September event in 2018, Apple unveiled the AirPower, a new wireless charging mat that will allow you to charge multiple devices at one time. It has not yet been released. Here's everything we know about the device so far.
Posted By Mark Jansen, Steven Winkelman
vlc player apple airplay 20190115 093449
Computing

Beam up the videos: AirPlay support is coming to VLC player

At CES 2019, the developers of VLC player announced they are adding support for Apple's Airplay feature, allowing consumers to beam video and other content from their iPhone and Android devices to an Apple TV. 
Posted By Arif Bacchus
lg g7 thinq review
Mobile

The LG G8 ThinQ may arrive at MWC 2019 with an on-screen speaker

LG is expected to release a successor to the LG G7 ThinQ, possibly called the LG G8 ThinQ, this year and rumors about it are already spreading. Here's everything we know about it so far.
Posted By Andy Boxall, Mark Jansen
oppo find x lamborghini top back
Mobile

Oppo could reveal a new smartphone with a 10x optical zoom

Cracking a solid zoom on smartphones has been a riddle many years in the solving. One company may have finally cracked it though: Oppo may be about to show off a phone with a 10x optical zoom.
Posted By Mark Jansen
Nike Adapt BB
Outdoors

Nike’s Adapt BB shoes let you tighten your laces with an iPhone

The new Nike Adapt BB shoe comes with smartphone connectivity that allows the user to tighten the laces using a smartphone while providing the ability to adjust tension throughout the game.
Posted By Kraig Becker
Mobvoi Ticwatch Pro
Wearables

How to switch TicHealth to Google Fit on the Mobvoi TicWatch C2 and TicWatch Pro

The Mobvoi TicWatch C2 and TicWatch Pro are both much-loved and feature-packed watches, and they offer excellent fitness tracking. Recently, Mobvoi has switched out Google Fit for TicHealth, but you can switch them back. Here's how.
Posted By Christian de Looper
Mobile

If you're looking for a good laugh, here are 70 questions to ask Siri

Siri has come a long way since her first appearance on the iPhone 4S in 2011. We know she can make appointments and give directions, did you know she can make you laugh too? If you want proof, here are lots of funny questions to ask Siri.
Posted By Simon Hill