Advanced Battery Saver Android App on Google Play Hijacks Private Data


Security researchers have alerted that hackers are distributing a malicious Advanced Battery Saver Android app on the Google Play Store. The hackers hijack personal data and reconfigure the devices to perform various system modifications. It is rated as a very dangerous instance that should be removed as quickly as possible to prevent it from being used as a conduit for financial abuse and identity theft.

Discovery of the Malware Advanced Battery Saver Android App

Image by Risk IQ

While performing a security audit on Android applications, security researchers discovered a fake notification message that appeared to differ from the standard templates often used by hackers. The phishing message uses information about the victim’s device, such as the make and model, to personalize itself. This is one of the most common and effective blackmail tactics, as many users cannot tell the difference between a legitimate and a fake message. The script that is spawned appears to be a redirect that also checks the configured language, which means there may be several versions of the message.

The notification message prompts the victims to install or cancel an installation of the malware “Advanced Battery Saver” app. They are redirected to the Google Play entry, which is designed like any other system utility app. Like other infected apps, it uses fake developer credentials, user reviews and an elaborate description.

Malware Advanced Battery Saver Android App Capabilities

Once victims choose to install the app, they are asked to grant permissions such as the following:

  • Read sensitive log data
  • Receive text messages (SMS)
  • Receive data from Internet
  • Pair with Bluetooth devices
  • Full network access
  • Modify system settings

When the application has been installed on the victim devices it will start a series of ...

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Martin Beltov. Read the original post at: