New Android spyware warning: Do not install these apps

There’s another worrying wave of Android malware in the news this week, with another warning that dangerous new spyware is now infecting devices. As malware goes, this is a doozy, intercepting calls, live streaming your device’s screen to attackers, reading, sending and deleting texts, and even taking photos with your camera.

Z empire warns that “our zLabs team has been actively monitoring a new variant of a known malware called FakeCall.” And while previous versions of the malware have been reported by Kaspersky And Threat substancethe malware has now been improved.

ForbesMicrosoft Update Alert: 400 Million Windows PCs Now at RiskBy means of Zak Duffman

However, at its core, the core of the attack is the same as before. FakeCall intercepts incoming and outgoing calls, “tricking victims into calling fraudulent phone numbers controlled by the attacker.” The underlying code has been changed to make it harder to find and new features have been added, some of which are not yet live.

First of all, after you download the malicious app, which then loads malware on your phone, “the app asks the user to set it as the default call handler. Once designated as the default call handler, the app will have the ability to manage all incoming and outgoing calls.”

So let’s be very clear: you should never allow a new app to become the default call handler on your phone. There may be reasons to switch from the stock Android app, but if that’s the case, you should only download an app with good credentials from a mainstream developer and only from the Play Store. Not so.

Secondly, the malicious FakeCall apps are all sideloaded, i.e. direct installations or third party app stores. You are lured to the installation by social media posts, text messages/WhatsApps or emails. Don’t take the bait.

ForbesSamsung’s impossible deadline: you have 24 hours to update your phoneBy means of Zak Duffman

As Zrijke explains: “By taking advantage of its position as the default call handler, the app can change the dialed number and replace it with a malicious number… tricking users into making fraudulent calls… The malware can (also) track incoming and outgoing calls intercept and control. , where unauthorized connections are secretly made. In this case, users may not be aware of it until they delete the app or restart their device.”

The intention of this spyware is to steal your hard-earned money. It waits on your device until you contact a known financial institution. When you do that, “the malware redirects the call to a fraudulent number controlled by the attacker. The malicious app will trick the user and display a convincing fake user interface that resembles the legitimate Android calling interface with the real bank’s phone number. The victim will be unaware of the manipulation because the malware’s fake user interface will mimic the actual banking experience, allowing the attacker to extract sensitive information or gain unauthorized access to the victim’s financial accounts.

But if you do three things, you can’t get caught like this:

1. As above, you should never reset the default call handler
2. Don’t sideload apps onto your device; even Google is now warning about this
3. Make sure Play Protect is enabled on your phone

ForbesGoogle warns 2 billion Chrome users: Update now as Apple unveils dangerous new threatBy means of Zak Duffman

Google limits sideloading and has expanded Play Protect beyond its own Play Store apps to cover those from other sources. We also expect Android 15’s new live threat detection to hit upgraded phones soon. This should monitor this type of malicious behavior in real time, even if an app has not yet been flagged.

Meanwhile, you can check if you know FakeCall apps on your phone:Zrijke has provided details here. You can also ensure that the default call handler has not been changed, that no unexpected Accessibility Services permissions have been set, and that Play Protect is enabled at all times.