Posted on July 24, 2017 at 1:34 PM
There is a new form of malware you should beware of – a malware posing as the popular messaging application WhatsApp. Everything from call logs, text messages, contacts and phone numbers to location and browser history could be stolen from your smartphone once this virus attacks.
If you’re using WhatsApp, be careful of this new form of malware that is posing as the popular messenger.
The malware in question is called GhostCtrl, and alongside posing as WhatsApp, it also disguises itself as other popular apps, like Pokemon Go, to trick smartphone users to download the virus.
Once the fake app is downloaded, the installment of the virus begins, taking over the device.
How it does that is by creating a backdoor into the device, giving cyber criminals access to the phone’s data, like call logs, text messages, phone numbers, contacts, web history and even GPS location.
The malware can also collect data about the phone itself, like the software version, information about Wi-Fi, battery level and more.
But the worst thing this malware is capable of is taking over the phone’s camera and microphone in order to secretly film and record its victims, which basically allows hackers to start an espionage business.
Lately, mobile devices have more and more become a target of cyber criminals, which makes sense due to the fact that a person’s phone holds a lot of information about its owner, and people rarely go anywhere without their phone.
It is important to say that while GhostCtrl poses as WhatsApp, it doesn’t actually affect the app in any way.
Researchers at TrendMicro, a security company, were the ones who found the malware and spread the word about it in an official blog post, saying just how extensive the data the malware steals is.
According to the researchers, GhostCtrl has three variations so far that are going around online, and one of them can be also used as ransomware.
TrendMicro says that this version can lock the phone’s screen and reset its password, as well as root the infected device. Not only that, but it can take control over the camera and create a scheduled task of taking pictures or recording video and later upload them to a C&C server as mp4 files.
Researchers have further said that the malware currently only affects Android users, but due to the tricky nature of the virus, people should be very careful not to be tricked into becoming its victims.
One of the ways for doing it is for people to download and install apps from official channels, such as Google Play Store. Another recommendation is to keep your device up to date as well as for the companies to restrict work devices in order to prevent users installing the virus.