Security researchers have found a new strain of malware that will steal your instant messenger data.
Cybersecurity firm Trustlook has issued their findings on a new android trojan. The new malware is fairly limited in what it does yet uses some fairly advanced evasion techniques.
The malware first attempts to gain boot persistence, so that each time the device is booted up, the malware will execute. Once obtained, the malware specifically targets IM clients, extracts their data, and will upload to a remote server.
The malware is being spread through a Chinese application translated to Cloud Module. Because this is a Chinese malware being distributed through Chine, where the Google Play Store does not operate, it is believed to only be spreading through third party app stores.
The IM clients which the malware is targeting are as follows;
Voxer Walkie Talkie Messenger
Gruveo Magic Call
TalkBox Voice Messenger
This malware provides a perfect example of the weak point in end to end (E2E) encryption. E2E encryption protects messages in transit, when it is much easier for hackers to simply attack unsecured phones and grab the data from there.
Source: Bleeping Computer