McAfee warns Android users against installing antivirus in their software that may turn to be a real virus. SandroRAT is a new malware discovered that targets Polish bank users.
An email would be sent to an Android user, warning about a malware infection of the phone. The mail also says that a free security application is attached and provided by the bank. The app that was said to detect a malware that steals private SMS information that can be used for electronic transactions.
According to Carlos Castillo of McAfee, the pretending app tries to pass as a Kaspersky antivirus but is actually a remote access tool called SandroRAT. It can remotely make commands such as steal personal information like text messages, call information, bookmarks, browser history, and GPS location. It can get into a phone’s inbox, sent, and outbox messages. It can spy on the incoming calls and record the conversation in a WAV file saved in an SD card.
It can update without any confirmation. It can block, intercept, and steal messages that are being sent to a phone. It can use the phone it infected to send MMS messages, pretending to be from the owner, complete with a text and phone number.
It can both delete and input SMS messages, as well as contacts. And it can record the sound of the phone’s surroundings.
This remote access tool can easily call anybody with the phone and can also make transactions without the knowledge of the actual owner.
Even updated WhatsApp app is not hard to access for this RAT. It can use the Google email account in the device to secretly get into the encrypted messages.
McAfee warns all the Android users to be vigilant and careful in all the apps they are installing to their device. Reference: gmanetwork