Smartphones are almost all the time connected to internet. This means the possibility to get infected by malware or any unwanted software is bigger. Nowadays is very risky to get infected or hacked if you are not careful.
Recently a new Google Chrome’s mobile version update seems to have infected more than 300 000 Android users. The update is nothing more than a malicious software attempting to steal your personal information. Probably you have encountered this kind of attack before but you didn’t know what was that.
This is only one way hackers can steal your personal information and data such as credit card info and so on. If you’re afraid of you data you would better take a look to the best advanced security tips for Android users. You know Better safe than sorry.
But let’s get back to the Chrome’s pop-ups issue. The web pages when the malware is hosted look very similar to official Google or Android landing pages. The attacks happen when you are browsing. A pop-up will appear on your screen warning you that there is a virus, but actually it’s not a virus. It is just a scam advertising and according to SecureList over than 300 000 people are infected.
When you click to remove the virus, the malicious software tries to make changes to the phone setting so it can download apk files. Once the file is downloaded a malware will steal your information and data. This is pretty similar to CTB Locker/Critroni Ransomware trick seen back on 2015.
As I said before, once you click on the pop-up window, the malware tends to disable Android’s security settings so it can download and install an apk file. Once that’s done, it gives Update_chrome.apk administrative access. Then the malware connects the phone with its remote server. It can monitor and steal all your data and information and send them to its remote server.
To spread the malware, the mobile-banking Trojan called Svpeng were used Google advertisements. The first to report about this issue was the Kaspersky Lab. They published what they have found about this trojan and reported them to Google.
Than Google, the giant search engine just broke down the operation that coupled advertisements with the false virus warning. It was quick to blog the ads with the false virus that spread the trojan to Android users.
What to do if you are infected
If your device is infected with Chrome pop-ups that are spreading the malware your personal information is at risk. So when you attempt to open Play Store, the malware will show you a payment window asking you for your credit card information. If you do that, a screenshot is sent to a phone number in Russia. This is definitely a scam and your data are not safe.
The simplest way to not get infected is to be updated about this schemes. Usually hacker and attacker use fear, in this case the virus to make you fall for the scam. If you know that there is nothing going wrong with your device than you won’t click anything.
Also apk from unknown sources must be avoided anyways. Even if the apk source seems to be trusty always read user comments to know if the apk you are going to download is safe or not.