The Police and Cyber Security Agency of Singapore (CSA) has warned Android smartphone users against downloading apps from third party websites and app stores as they may end up injecting malware in their mobile phones, computers, and other devices. Such malware has resulted in confidential and sensitive data, such as banking credentials, being stolen.
Malware may infect devices through various means, including through the downloading of software or apps from unknown sources, opening of attachments from unsolicited emails and accessing malicious websites. Users should also be cautious if they are asked to download suspicious Android/Chrome/Google-related updates or any dubious Android Package Kit (APK) files onto their mobile devices, even with seemingly genuine naming conventions, such as the following:
* GooglePlay23Update[.]apk[1];
* GooglePlay.apkUpdate[.]apk;
* Chrome_update1123[.]apk;
* Chrome-upd13111[.]apk; and
* Chrome-update10366[.]apk
Android users need to beware of files/apps with these extensions as notwithstanding the references to GooglePlay, these are not official APK files released by Google.
How these apps/files can hurt users’ smartphone and other devices
* Significant decline in the devices’ performance
* Unauthorised access to the devices’ systems/data that allow attackers to remotely control infected devices, possibly resulting in loss of user control
* Unauthorised installation of apps such as an additional Google Play or Chrome App on the device;
* Interception of SMSes in mobile devices;
* Persistent pop-ups from the apps requesting for permission to access the device’s hardware or data which may not be necessary for the application’s function; and
* Exfiltration of confidential and sensitive data stored in infected devices such as banking credentials, stored credit card numbers, social media account credentials, private photos and/or videos, etc. Attackers can then use such information to gain unauthorised access to users’ social media accounts to perpetuate impersonation scams or perform fraudulent financial transactions that result in reputational and monetary losses.
Malware may infect devices through various means, including through the downloading of software or apps from unknown sources, opening of attachments from unsolicited emails and accessing malicious websites. Users should also be cautious if they are asked to download suspicious Android/Chrome/Google-related updates or any dubious Android Package Kit (APK) files onto their mobile devices, even with seemingly genuine naming conventions, such as the following:
* GooglePlay23Update[.]apk[1];
* GooglePlay.apkUpdate[.]apk;
* Chrome_update1123[.]apk;
* Chrome-upd13111[.]apk; and
* Chrome-update10366[.]apk
Android users need to beware of files/apps with these extensions as notwithstanding the references to GooglePlay, these are not official APK files released by Google.
How these apps/files can hurt users’ smartphone and other devices
* Significant decline in the devices’ performance
* Unauthorised access to the devices’ systems/data that allow attackers to remotely control infected devices, possibly resulting in loss of user control
* Unauthorised installation of apps such as an additional Google Play or Chrome App on the device;
* Interception of SMSes in mobile devices;
* Persistent pop-ups from the apps requesting for permission to access the device’s hardware or data which may not be necessary for the application’s function; and
* Exfiltration of confidential and sensitive data stored in infected devices such as banking credentials, stored credit card numbers, social media account credentials, private photos and/or videos, etc. Attackers can then use such information to gain unauthorised access to users’ social media accounts to perpetuate impersonation scams or perform fraudulent financial transactions that result in reputational and monetary losses.
window.TimesApps = window.TimesApps || {}; var TimesApps = window.TimesApps; TimesApps.toiPlusEvents = function(config) { var isConfigAvailable = "toiplus_site_settings" in f && "isFBCampaignActive" in f.toiplus_site_settings && "isGoogleCampaignActive" in f.toiplus_site_settings; var isPrimeUser = window.isPrime; if (isConfigAvailable && !isPrimeUser) { loadGtagEvents(f.toiplus_site_settings.isGoogleCampaignActive); loadFBEvents(f.toiplus_site_settings.isFBCampaignActive); } else { var JarvisUrl="https://jarvis.indiatimes.com/v1/feeds/toi_plus/site_settings/643526e21443833f0c454615?db_env=published"; window.getFromClient(JarvisUrl, function(config){ if (config) { loadGtagEvents(config?.isGoogleCampaignActive); loadFBEvents(config?.isFBCampaignActive); } }) } }; })( window, document, 'script', );
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
