Google Just Issued This Urgent Warning to All Android Users
A newly discovered security threat could give hackers complete access to your phone.
For most, keeping your smartphone safe typically means not leaving it unsupervised in public or locking it with a passcode. After all, your phone's access to everything from your stored personal data to bank accounts makes it a particularly sensitive piece of equipment. But if you're an Android user, you may want to take extra caution in light of a recently discovered security threat. Read on to see what could be putting your device in danger.
A dangerous new malware program called Octo can give hackers complete control of Android phones.
In a recent blog post, financial cybersecurity firm ThreatFabric announced that it had discovered a dangerous new piece of malware that targets Android phones. The illicit software is the latest version of "Octo," a notorious banking malware program that can give hackers complete control over devices that accidentally install it—including access to your personal information and financial accounts, The U.S. Sun reports.
The program can run in the background while making your phone appear inactive or switched off.
According to ThreatFabric, Octo is the latest evolution in a series of programs known as remote access trojans (RATs) available to criminals on the dark web. After unsuspecting victims download the malware, it can secretly run in the background to mine information and even commit fraud. The program also allows hackers to control volume, push notifications, and screen brightness, which makes the phone's display appear black or switched off so they can access the device uninterrupted.
Similar to other malware, Octo also includes a keylogger for lifting personal data and passwords, the ability to intercept and send text messages, the ability to launch applications, and control over the home screen lock.
Be wary of untrustworthy websites, browser update notifications, or app update requests.
The experts warn that the program spreads by using a website or landing page that produces a phony browser or software update request. However, the software has even been included in apps that were previously available on Google's official download marketplace.
"ExobotCompact/Octo has dangerous capabilities, powered by inventive distribution schemes including droppers on official Google Play store and malicious landing pages," ThreatFabric wrote. "Thus, customers are very likely to fall into installing the malware on their devices, allowing the actors to have remote access to their devices and therefore to their banking accounts."
To avoid infecting your phone with Octo or other malware, it's always best to be careful about which apps and programs you install on your devices, tech blog Tom's Guide reports. And although you should always stick to reputable download sources, even official app markets can sometimes miss hidden malicious codes in programs. To stay ahead of any threats, consider turning on Play Protect by tapping your profile icon next to the search bar and clicking the Gear icon on your device. From there, make sure the "Scan apps with Play Protect" and "Improve harmful app detection" options are switched on.
Experts have recently discovered other major security vulnerabilities in Android devices.
This isn't the only major security vulnerability recently discovered for Android products. In a blog post from April 1, cyber security research group Lab52 issued a warning that it had discovered a malicious piece of software capable of infecting the smartphones. The program, known as "Process Manager," can sneakily be downloaded onto devices and then used to send personal information to hackers.
According to Lab52, users usually download the app accidentally after clicking on a link they've received through a text message or email on their device. From there, the malware will display a phony warning message that grants it access to the phone's camera and microphone and allows it to read text messages, emails, call logs, contact information, and the device's exact location. The app will then continue to run in the background to gather information that can be sent back to hackers and used to exploit or blackmail victims, The U.S. Sun reports.
To ensure your phone is free of spyware, experts recommend double-checking which apps have permission to access your device's camera, microphone, and messages. You can do this by tapping on Settings and then searching for "Apps" or "Apps and Notifications" before clicking on "Permissions." If any programs you don't recognize have access to your device, revoke them immediately.