How this 'dangerous' Chrome app can automatically steal your passwords, photos

8 months ago 17

A team of researchers have found malware that, once installed on any

Android device

, can automatically steal users' data like photos, passwords and chats. It is a new variant of MoqHao (also referred to as Wroba and XLoader), which is a well-known Android malware family. Recently, the McAfee Mobile Research Team found that MoqHao has begun distributing this ‘new dangerous’ variant via SMS links.
What makes this malware dangerous
According to the report, the hackers send a link to download the malicious app via SMS. While a typical MoqHao malware requires users to install and launch the app, this variant requires little execution from the users' side. When the app is installed, hackers' malicious activity starts automatically.
The malware disguises itself as ‘Chrome’ that can fool Android users into downloading the app. Once downloaded, the malware requests users to set itself as the default SMS app with prompts in various languages like Hindi, English, French, Japanese and German.

"Also, the different languages used in the text associated with this behaviour suggests that, in addition to Japan, they are also targeting South Korea, France, Germany, and India," McAfee said.
How this malware works
The hackers use social engineering techniques to convince users to set this malicious app as the default app. They show messages just like the way a legitimate app would flash. This message is fake and is used to make users believe that they have downloaded a legitimate app.

How to spot the malware-laden Chrome app
This app has an italic 'r' and asks users to let the app always run in the background. Google Chrome doesn't ask for such permission. Furthermore, any link that comes via an SMS is a red flag and must not be clicked.
McAfee said that the company has already reported this technique to Google and the company is "already working on the implementation of mitigations to prevent this type of auto-execution in a future Android version."
The Google Chrome app is available to download from Google Play Store and it is advised that users download all apps from the official store. Android users are protected by Google Play Protect, which is on by default on Android devices with Google Play Services.

Article From: timesofindia.indiatimes.com

Read Entire Article

Note:

We invite you to explore our website, engage with our content, and become part of our community. Thank you for trusting us as your go-to destination for news that matters.

Certain articles, images, or other media on this website may be sourced from external contributors, agencies, or organizations. In such cases, we make every effort to provide proper attribution, acknowledging the original source of the content.

If you believe that your copyrighted work has been used on our site in a way that constitutes copyright infringement, please contact us promptly. We are committed to addressing and rectifying any such instances

To remove this article:
Removal Request