Hackers are now increasingly targeting smartphones. And now, a very sophisticated form of Android malware has emerged that is so clever, it can bypass your lock screen and drain your bank account even while you’re sleeping!

Security Researchers at Trend Micro, who first discovered the malware back in June, named it ‘MMRat’. This new form of Android malware remains undetected on many antivirus scanning services.

A new malware called ‘MMRat’ is able to steal data from Android phones and remains undetected on antivirus scanning services. Image source: master1305 on Freepik.

Hackers spread the malware through fake websites designed to look like official app stores, such as the Google Play Store.

Having infiltrated a victim's device, MMRat takes advantage of Android's Accessibility Service and maliciously grants itself unnecessary permissions. These permissions give it control over the device and allow it to carry out an array of sneaky activities.

When the malware detects that the victim isn’t using the phone, that’s when it executes the attack. The malware remotely wakes up the device, unlocks it, and performs bank fraud.

Aside from hacking into bank accounts, the malware collects all kinds of data from a user's smartphone, including network information, battery stats, contacts and even what the victim is typing!

Not only that, but it can also take snapshots of what’s happening on the screen–in real time! The malware can also live-stream any footage recorded from the device’s camera.

It also has the capability to uninstall itself, leaving no trace of the compromise or that the phone was ever infected with the malware.

The ability of ‘MMRat’ to steal so much data from an infected smartphone is due to a custom Protobuf protocol that its creators have developed, which makes transferring data off compromised Android devices easier. This custom protocol is rather uncommon among other Android trojans.

The malware is primarily being used to target Android smartphone users in Southeast Asia–at least for now. As it remains undetected by antivirus scanning services, its spread to other regions may likely happen.

Here’s another article on a virus attacking Android phones that put millions of users at risk of losing confidential data to hackers.

How to stay safe from Android malware

The first step to preventing malware from infiltrating your device is to avoid installing apps from unknown sources. Sideloading apps or applications downloaded on a mobile device without using the device's official app store, despite how convenient they may be, can put your Android at risk because these apps don’t go through security checks as rigorous as those downloaded from official app stores.

It’s therefore very important to only download apps from official, trusted sources like the Google Play Store, the Amazon Appstore and the Samsung Galaxy Store.

While malicious apps do manage to slip through the cracks from time to time, Google Play Protect, which comes preinstalled on most Android phones, can identify and remove bad apps from your phone.

Here’s an article that can help you spot the signs that your phone has been compromised by malware.

Key Takeaways

• Hackers have created a new Android malware, dubbed MMRat by security researchers at Trend Micro, that can remotely wake up and unlock smartphones, stealing both personal data and funds from your bank accounts.
  
• The malware is often distributed through websites impersonating official app stores, causing it to go undetected on antivirus scanning services.
  
• Among its malicious capabilities, MMRat can collect network information, battery stats, contacts and even what the victim is typing. It can also take snapshots of what’s happening on the screen in real-time, live-stream footage recorded from the device’s camera, and uninstall itself, leaving no trace of infection.
  
• To stay safe from such Android malware, individuals should avoid installing apps from unknown sources and consider installing an Android antivirus app for further protection.
  

Share this news with your family and friends to help keep our community safe.

If you have any tips or stories to share about malware, then let us know in the comments below.

 

[Jen77au]

Hackers are now increasingly targeting smartphones. And now, a very sophisticated form of Android malware has emerged that is so clever, it can bypass your lock screen and drain your bank account even while you’re sleeping!

Security Researchers at Trend Micro, who first discovered the malware back in June, named it ‘MMRat’. This new form of Android malware remains undetected on many antivirus scanning services.

View attachment 28707

A new malware called ‘MMRat’ is able to steal data from Android phones and remains undetected on antivirus scanning services. Image source: master1305 on Freepik.

Hackers spread the malware through fake websites designed to look like official app stores, such as the Google Play Store.

Having infiltrated a victim's device, MMRat takes advantage of Android's Accessibility Service and maliciously grants itself unnecessary permissions. These permissions give it control over the device and allow it to carry out an array of sneaky activities.

When the malware detects that the victim isn’t using the phone, that’s when it executes the attack. The malware remotely wakes up the device, unlocks it, and performs bank fraud.

Aside from hacking into bank accounts, the malware collects all kinds of data from a user's smartphone, including network information, battery stats, contacts and even what the victim is typing!

Not only that, but it can also take snapshots of what’s happening on the screen–in real time! The malware can also live-stream any footage recorded from the device’s camera.

It also has the capability to uninstall itself, leaving no trace of the compromise or that the phone was ever infected with the malware.

The ability of ‘MMRat’ to steal so much data from an infected smartphone is due to a custom Protobuf protocol that its creators have developed, which makes transferring data off compromised Android devices easier. This custom protocol is rather uncommon among other Android trojans.

The malware is primarily being used to target Android smartphone users in Southeast Asia–at least for now. As it remains undetected by antivirus scanning services, its spread to other regions may likely happen.

Here’s another article on a virus attacking Android phones that put millions of users at risk of losing confidential data to hackers.

How to stay safe from Android malware

The first step to preventing malware from infiltrating your device is to avoid installing apps from unknown sources. Sideloading apps or applications downloaded on a mobile device without using the device's official app store, despite how convenient they may be, can put your Android at risk because these apps don’t go through security checks as rigorous as those downloaded from official app stores.

It’s therefore very important to only download apps from official, trusted sources like the Google Play Store, the Amazon Appstore and the Samsung Galaxy Store.

While malicious apps do manage to slip through the cracks from time to time, Google Play Protect, which comes preinstalled on most Android phones, can identify and remove bad apps from your phone.

Here’s an article that can help you spot the signs that your phone has been compromised by malware.

Key Takeaways

• Hackers have created a new Android malware, dubbed MMRat by security researchers at Trend Micro, that can remotely wake up and unlock smartphones, stealing both personal data and funds from your bank accounts.
• The malware is often distributed through websites impersonating official app stores, causing it to go undetected on antivirus scanning services.
• Among its malicious capabilities, MMRat can collect network information, battery stats, contacts and even what the victim is typing. It can also take snapshots of what’s happening on the screen in real-time, live-stream footage recorded from the device’s camera, and uninstall itself, leaving no trace of infection.
• To stay safe from such Android malware, individuals should avoid installing apps from unknown sources and consider installing an Android antivirus app for further protection.

Share this news with your family and friends to help keep our community safe.

If you have any tips or stories to share about malware, then let us know in the comments below.

Wow. I consider myself pretty tech savvy and am aware of malware, etc. But even this shocked me! I'm suspicious in nature and will only install apps through the proper channels, however, this shows that the technology these horrible people keep creating serves as a reminder of how vigilant we all need to be!

 

[Observer]

Makes life a bit tuff when some above board businesses insist that you should install their app, only for them to get hacked leaving you open to further hidden attacks on your mobile.

 

[Luckyus]

Hackers are now increasingly targeting smartphones. And now, a very sophisticated form of Android malware has emerged that is so clever, it can bypass your lock screen and drain your bank account even while you’re sleeping!

Security Researchers at Trend Micro, who first discovered the malware back in June, named it ‘MMRat’. This new form of Android malware remains undetected on many antivirus scanning services.

View attachment 28707

A new malware called ‘MMRat’ is able to steal data from Android phones and remains undetected on antivirus scanning services. Image source: master1305 on Freepik.

Hackers spread the malware through fake websites designed to look like official app stores, such as the Google Play Store.

Having infiltrated a victim's device, MMRat takes advantage of Android's Accessibility Service and maliciously grants itself unnecessary permissions. These permissions give it control over the device and allow it to carry out an array of sneaky activities.

When the malware detects that the victim isn’t using the phone, that’s when it executes the attack. The malware remotely wakes up the device, unlocks it, and performs bank fraud.

Aside from hacking into bank accounts, the malware collects all kinds of data from a user's smartphone, including network information, battery stats, contacts and even what the victim is typing!

Not only that, but it can also take snapshots of what’s happening on the screen–in real time! The malware can also live-stream any footage recorded from the device’s camera.

It also has the capability to uninstall itself, leaving no trace of the compromise or that the phone was ever infected with the malware.

The ability of ‘MMRat’ to steal so much data from an infected smartphone is due to a custom Protobuf protocol that its creators have developed, which makes transferring data off compromised Android devices easier. This custom protocol is rather uncommon among other Android trojans.

The malware is primarily being used to target Android smartphone users in Southeast Asia–at least for now. As it remains undetected by antivirus scanning services, its spread to other regions may likely happen.

Here’s another article on a virus attacking Android phones that put millions of users at risk of losing confidential data to hackers.

How to stay safe from Android malware

The first step to preventing malware from infiltrating your device is to avoid installing apps from unknown sources. Sideloading apps or applications downloaded on a mobile device without using the device's official app store, despite how convenient they may be, can put your Android at risk because these apps don’t go through security checks as rigorous as those downloaded from official app stores.

It’s therefore very important to only download apps from official, trusted sources like the Google Play Store, the Amazon Appstore and the Samsung Galaxy Store.

While malicious apps do manage to slip through the cracks from time to time, Google Play Protect, which comes preinstalled on most Android phones, can identify and remove bad apps from your phone.

Here’s an article that can help you spot the signs that your phone has been compromised by malware.

Key Takeaways

• Hackers have created a new Android malware, dubbed MMRat by security researchers at Trend Micro, that can remotely wake up and unlock smartphones, stealing both personal data and funds from your bank accounts.
• The malware is often distributed through websites impersonating official app stores, causing it to go undetected on antivirus scanning services.
• Among its malicious capabilities, MMRat can collect network information, battery stats, contacts and even what the victim is typing. It can also take snapshots of what’s happening on the screen in real-time, live-stream footage recorded from the device’s camera, and uninstall itself, leaving no trace of infection.
• To stay safe from such Android malware, individuals should avoid installing apps from unknown sources and consider installing an Android antivirus app for further protection.

Share this news with your family and friends to help keep our community safe.

If you have any tips or stories to share about malware, then let us know in the comments below.

Reading articles like this, makes you feel like taking the battery out of your phone, then throwing both to the shithouse!!.

 

[Rob44]

Simple. Don't put your data on your mobile toy (sorry, phone). Even safer. Don't have one. Pay by cash.

 

[Rob44]

Reading articles like this, makes you fell like taking the battery out of your phone, then throwing it both to the shithouse!!.

Best place for it.

 

[Thecheesequeen]

This is scary! I use my phone as a tool, not a toy. I use it for calls, texts and directions and that’s about it. I don’t have banking or email on my phone. Still, if tech-savvy criminals get access to any of your details, who knows what they could do with it.

 

[Big M]

Makes life a bit tuff when some above board businesses insist that you should install their app, only for them to get hacked leaving you open to further hidden attacks on your mobile.

TOUGH!

 

[MC12]

I would remove all banking apps from my phone. If you use your phone to pay for things, consider cash instead. Can't hack cash, no fees to the banks, and privacy too.

 

[Rosscoesmiff]

Simple. Don't put your data on your mobile toy (sorry, phone). Even safer. Don't have one. Pay by cash.

 

[Rosscoesmiff]

Unfortunately, some businesses don’t take cash or deter you from using cash. I paid cash for a new car a couple of years back, well, didn’t I get the run around. They get a big kickback from finance companies . When I told them to accept the cash or I will go elsewhere they quickly changed their mind and to ‘kick them down a bit more’ I asked for a discount for which they did. I haven’t had a credit card for over 25 years so my credit score is probably shit.

 

[Da Freddo]

Reading articles like this, makes you fell like taking the battery out of your phone, then throwing it both to the shithouse!!.

WOW that's easier than re-cycle.

 

[Vio Kot]

Simple. Don't put your data on your mobile toy (sorry, phone). Even safer. Don't have one. Pay by cash.

How do people contact you?

 

[London Lad]

How do people contact you?

Easy...in last century, we had HOUSE phones and letters in the post . SIMPLES !!!!!!!!!!!!!!!

 

[Vio Kot]

So it states "Hackers spread the malware through fake websites designed to look like official app stores, such as the Google Play Store". Then it states "It’s therefore very important to only download apps from official, trusted sources like the Google Play Store, the Amazon Appstore and the Samsung Galaxy Store."
If this was found in June you'd think they would have found a solution against it by now, you gotta keep up or ahead of the hackers because banks will be held liable for use of their apps that have been hacked. They make enough profit to use some of it to be vigilant.

 

[Vio Kot]

Easy...in last century, we had HOUSE phones and letters in the post . SIMPLES !!!!!!!!!!!!!!!

In this century very few phones in homes and mail gets delivered twice a week if your lucky. A lot of places don't take cash payments etc. Sadly now days you have to go with the times or you miss out on so much

 

[Jen77au]

Makes life a bit tuff when some above board businesses insist that you should install their app, only for them to get hacked leaving you open to further hidden attacks on your mobile.

Exactly. And you usually have to install

Simple. Don't put your data on your mobile toy (sorry, phone). Even safer. Don't have one. Pay by cash.

I understand many people use them as such, however I do use my phone for business. Calendar, design and email to keep in contact with my clients on the go. The long waiting times in doctor's surgeries, and other appointments that I'm waiting to attend, as you can imagine, chews up valuable time to a small business sole operator. I like to use this time to work and instead of lugging my laptop around, I find my phone more versatile. I''m thankful that I can use it this way. And while I found some apps gained through the secure channels useful, I do agree with Observer that nearly everything needs an app downloaded for it. Very frustrating when they don't work half the time!

 

[Veggiepatch]

How do people contact you?

Smoke signals....

 

[Veggiepatch]

I propose a new name for the mobile phone.

Let me introduce you to the new PMMD. The PERSONAL MULTIMEDIA DEVICE.

Phones are hardly used for their intended purpose. Over 30% of mobile phone usage is taken up by streaming.

 

[Veggiepatch]

I propose a new name for the mobile phone.

Let me introduce you to the new PMMD. The PERSONAL MULTIMEDIA DEVICE.

Phones are hardly used for their intended purpose. Over 30% of mobile phone usage is taken up by streaming.

I could have named it PMD but I thought of the females on SDC.

Premenstrual Dysphoria anyone?