- Apr 21, 2016
- 4,374
Security researchers warn that a new form of malware is targeting Android devices, posing as a Flash update that needs to be installed as soon as possible.
SophosLabs, however, warns not only that this is fake update, but also that it includes a form of malware known as Invisible Man and officially flagged as Andr/Banker-GUA. The new infection is based on a the Svpeng malware that was first detected in 2015, the security firm says.
Interestingly, the malware does not infect users in Russia, so when compromising a device, it first checks the phone language. If the phone is set to Russian, all the other tasks are stopped. If any other language is configured, Invisible Man asks for permission to use accessibility services, which can be further compromised to run malicious code.
Read more: New Virus Called “Invisible Man” Going After Android Users
SophosLabs, however, warns not only that this is fake update, but also that it includes a form of malware known as Invisible Man and officially flagged as Andr/Banker-GUA. The new infection is based on a the Svpeng malware that was first detected in 2015, the security firm says.
Interestingly, the malware does not infect users in Russia, so when compromising a device, it first checks the phone language. If the phone is set to Russian, all the other tasks are stopped. If any other language is configured, Invisible Man asks for permission to use accessibility services, which can be further compromised to run malicious code.
Read more: New Virus Called “Invisible Man” Going After Android Users
