Android malware GhostCtrl can smartphone to take on and listen to
A newly discovered form of Android malware takes over device functions in the background, so that a user is using the camera and microphone can be monitored.
The malware is processed in custom APK’s of apps such as WhatsApp and Pokémon Go, discovered beveiligingsonderzoeker Trend Micro. Usually, this kind of namaakapps outside of Google Play offered.
The affected apps start a background process called ” com.android.engine. That name must give the illusion that it is a general software process within the operating system. In reality, there are parts of the phone taken up and used by the application.
The malware is capable of the multiple functions of the device to operate, such as the SMS app. This makes messages to be read by an attacker.
GhostCtrl also has direct access to the camera and microphone, which make the surroundings of a user can be monitored. The passwords of accounts logged in on the device by the malware will be reset.
The apps continue to identify any attempts to install send, until the user agrees. The malware can be avoided by the relevant apps not to install, according to Trend Micro.