
SANS ISC: Fake Chrome update for Android SANS ISC InfoSec Forums

Fake Chrome update for Android

There have been numerous reports of a fake update for Chrome for Android. A fake update for Android is not in itself very unusual or interesting, but this particular bit of malware is somewhat more insidious than most. The update, titled "Update_chrome.apk", requests administrative access to the device and then takes a page out of Zeus and other credential-stealing malware and captures banking and personal information. When the user makes a purchase in the Google Play store, the malware displays a very realistic-looking payment page, captures a screenshot of any credit card information entered, and sends it to Russia. The malware prevents its removal. At this point the only way to remove the malware is by returning the device to factory defaults, causing all user data to be lost.

More information on this malware can be found over at the Zscaler website.

This reiterates the usual methodology for software management on these devices. Always get your updates from reputable sources such as Google Play, and if you do need to install updates from a third-party developer, you need to validate the update before installation.

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Rick

294 Posts
ISC Handler
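
One way to carry out the validation recommended above, as an added example that is not part of the original diary: compare a downloaded APK's package name and signing-certificate digest against values pinned from the copy already installed. It parses text in the format printed by `aapt dump badging` and `apksigner verify --print-certs`; the sample outputs, the digests and the `com.example.update_chrome` package name are constructed, and `check_update` is a hypothetical helper.

```python
import re

# Line formats as printed by `aapt dump badging` and
# `apksigner verify --print-certs`.
PKG_RE = re.compile(r"^package: name='([^']+)'", re.M)
CERT_RE = re.compile(
    r"^Signer #\d+ certificate SHA-256 digest: ([0-9a-fA-F]{64})\s*$", re.M)

def check_update(badging, print_certs, expected_pkg, pinned_digests):
    """Return reasons to reject the APK; an empty list means both checks passed."""
    problems = []
    m = PKG_RE.search(badging)
    if not m:
        problems.append("no package name in badging output")
    elif m.group(1) != expected_pkg:
        # A fake "update" that uses a different package name installs as a
        # separate app instead of replacing the real one.
        problems.append(f"package is {m.group(1)!r}, not {expected_pkg!r}")
    digests = {d.lower() for d in CERT_RE.findall(print_certs)}
    pinned = {d.lower() for d in pinned_digests}
    if not digests:
        problems.append("no signer digest found (unsigned or verification failed)")
    elif not digests <= pinned:
        problems.append("signed by a certificate that is not pinned")
    return problems

# --- Constructed sample data (not real digests or real tool captures) ---
PINNED = {"ab" * 32}  # digest recorded from the installed, trusted copy
GOOD_BADGING = "package: name='com.android.chrome' versionCode='2' versionName='2.0'\n"
GOOD_CERTS = ("Signer #1 certificate DN: CN=Constructed Vendor\n"
              "Signer #1 certificate SHA-256 digest: " + "AB" * 32 + "\n")
FAKE_BADGING = "package: name='com.example.update_chrome' versionCode='1' versionName='1.0'\n"
FAKE_CERTS = ("Signer #1 certificate DN: CN=Constructed Unknown\n"
              "Signer #1 certificate SHA-256 digest: " + "cd" * 32 + "\n")

def demo():
    return {
        "genuine": check_update(GOOD_BADGING, GOOD_CERTS, "com.android.chrome", PINNED),
        "fake": check_update(FAKE_BADGING, FAKE_CERTS, "com.android.chrome", PINNED),
    }

if __name__ == "__main__":
    for name, problems in demo().items():
        print(name, "->", problems or "OK")
```
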
Yes, the report is true. In fact, there are plenty of such tricky updates for Android devices which actually don't work.
One I recently found was Snapchat hack (https://www.quora.com/What-can-I-do-to-hack-Snapchat-on-a-mobile-phone)

Please check it and kindly leave your thoughts if it is a good tool to hack anyone's Snapchat account. Thank you.
Anonymous
