ESET Ireland warns unwary users who fall for installing the malware might find their mobile devices held ransom or bank accounts emptied.
ESET researchers discovered a dangerous new app targeting Android devices, that is capable of downloading and executing additional malware. Detected by ESET security software as Android/TrojanDownloader.Agent.JI, the trojan is distributed via compromised websites and masquerades as a Flash Player update.
Following installation, the malware creates a fake ‘Saving Battery’ service in the Android system and urges the victim to grant it crucial permissions within Android’s Accessibility functions. If granted, these permissions – Monitor your actions, Retrieve window content and Turn on Explore by Touch – enable the attacker to mimic the user’s actions and display whatever they want on the user’s screen.
The key indicator of whether a device has been infected with this malware is the presence of a “Saving Battery” option amongst Services in the Accessibility menu. In such a case, the user should either employ a reputable mobile security app, such as ESET Mobile Security & Antivirus, to remove the threat or uninstall the app manually by going to Settings -> Application Manager -> Flash-Player.
ESET security experts have prepared a set of basic recommendations for preventing infection with mobile malware:
- Only download apps or updates from a trustworthy source – in the case of an Adobe Flash Player update, the only safe place to get it from is the official Adobe website. Always check the URL address in your browser.
- Pay attention to what permissions and rights your apps request.
- Use a reputable mobile security solution.
The full story, including screenshots, is available on ESET Ireland’s Official Blog.
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…