Zscaler security research firm discovered a new malicious program for Android, which looks like the update Google Chrome, but really gets administrative access on your device to steal data such as call logs, text messages and credit card information.
According to the researchers, the malware appears in the temporary URL, which can be quickly replaced by a new one, to ensure that it is not detected. Once an unsuspecting user clicks on any of these links, malware is downloaded to the device and requests administrative rights to the software.
Once the application obtains the right, checks for security applications, and removes it. Next, the program registers the Android-powered device to the management server, the location of which is unknown, and switches to the backup data sent and received on your device like SMS, calls and sends to the server.
But it does not end. Next, the malware uses the operating system for the weakness of their financial gain. If the user that the device is infected with a malicious program tries to access Google Play, the malware creates a false payment page that pops up and prompts the user to enter their credit card details.
As soon as the user fills out the data, they are archived on the server. Zscaler notes that malware is quite powerful and can be used to compromise the privacy of users of Android-devices and leakage of sensitive information that can lead to cases of financial fraud.
The worst part is that the program can not be removed from the device, even if the user is aware of her presence. This is because it has received administrative access, and prohibits the removal of its users. In such cases, the user will be rain to make a factory reset of your device, it will delete all its data, which is a losing scenario for the hapless user.