Nintendo-Power

Daily Gaming news, videos, reviews, tips & guides. Let's share our love of BigN games!

Android under malware attack!  Oscarp Beware: This will steal data and take control of the smartphone

Android under malware attack! Oscarp Beware: This will steal data and take control of the smartphone

There is a new virus in Android This creates panic among security professionals. It is also known as Oscorp and its nickname CERT-AgID Those who discovered it, only defined its danger. In fact, malware does nothing but use errors in the Android operating system, thus accessing sensitive user data and therefore stealing credentials. How does it work and how can you protect yourself from the new Ascorp company?

WhatsApp: Here’s how Oscorp works and how to protect yourself

It all starts with the Android access service. In this case this service is nothing more than a component of the applications installed in the operating system, and allows people with disabilities to enjoy reading, and therefore the use of the smartphone. We know that the computer allows you to read everything received by the smartphone with a mechanical and automatic voice.

OK, Hackers have thought of sneaking into smartphones using an access service Oscorp, The new malware that causes some major headaches. According to experts, in fact, the virus, above all, reaches Italian users through classic phishing emails, which undoubtedly invites the user to download files that at first glance seem harmless. In this case they are:

  • Assistenzaclienti.apk
  • CustomerProtectio.apk

Like any other malware, once the user downloads the file and installs it on their smartphone, a new application is called Customer protection It will hold the smartphone by activating a `keylogger ‘module as soon as it is launched Allows you to access a large number of permissions on an Android smartphone. The thing? First, criminals can clearly read everything that appears on the smartphone display and everything typed by the phone user. So this allows you Easy to view even with sensitive data It is about access to banking services and restricted applications.

See also  The new football game will be digital and free to play

What permissions does the malware have access to? Too long list.

  • CALL_PHONE
  • Photo tool
  • DISABLE_KEYGUARD
  • Website
  • READ_PHONE_STATE
  • READ_SMS
  • RECEIVE_MMS
  • RECEIVE_SMS
  • RECORD_AUDIO
  • SEND_SMS
  • SYSTEM_ALERT_WINDOW
  • WRITE_EXTERNAL_STORAGE
  • WRITE_SMS
  • INJECT_EVENTS
  • PACKAGE_USAGE_STATS
  • READ_PRIVILEGED_PHONE_STATE
  • ACCESS_NETWORK_STATE
  • ACCESS_SUPERUSER
  • MODIFY_AUDIO_SETTINGS
  • READ_EXTERNAL_STORAGE
  • RECEIVE_BOOT_COMPLETED
  • REQUEST_DELETE_PACKAGES
  • REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
  • REQUEST_INSTALL_PACKAGES
  • WAKE_LOCK

What happens once the malware takes over access to the smartphone? In this case, the Oscarp user can record repetitive disk displays on the screen, but can also uninstall apps from the smartphone and make independent calls, send SMS, or access two-factor authentication codes with Google Authenticator.

So in this case The malware does nothing but retrieve all of the target user’s data Furthermore, using additional phishing scams does nothing but steal extra sensitive data by making user login pages look like real pages, but temporarily created to cheat and steal passwords or other information. The situation that allows bad guys to take total control of the smartphone, so it can undoubtedly enter deep into the life of the user.

How to defend yourself? It is not clear that it is never easy to protect against precise malware like Ascorp. In this case it is clear that access to the smartphone and access to the user’s data only occurs when the user allows the virus to enter. Therefore Nothing can be done about this until Oscarp opens the door. This is a significant step that somehow underscores the security of Android, which makes it possible to open the doors for an app or put it clearly in the user’s hands.

To prevent us from what you can do in this matter Always download apps from the official Google Play Store (Play Store) or official sites. In this case, try to avoid activating the access service, after all any emails or messages received may seem strange.

See also  How to save webp image instantly in jpg