Due to Android is open-source by nature, malware can be easily brought in, and now, new malware is discovered that can steal data or take control of user’s devices when updating on Android devices. According to the security researchers at Zimperium, this malware disguises as a system update, once an update is made and install, the malware communicates with the Android operator’s Firebase server.
What the malware does is stealing credentials, such as personal messages, contact details, other details from the device, web bookmarks, search history, and calls. Amazingly, this malware also discovers the user’s location and the documents, then it will steal a copy of the data from the clipboard. CEO Shridhar Mittal from Zimperium claimed this malware is taken a lot of time and effort to make so that it’s very hard to discover.
The best way to prevent such malware to pollute the device is to never download any apps from a third-party source, all apps should be downloaded via original source like Google Play Store for better security measures.