- cross-posted to:
- cybersecurity
- [email protected]
- cross-posted to:
- cybersecurity
- [email protected]
Hackers are using a fake Android app named ‘SafeChat’ to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones.
The Android spyware is suspected to be a variant of “Coverlm,” which steals data from communication apps such as Telegram, Signal, WhatsApp, Viber, and Facebook Messenger.
A user has to click a lot of buttons to make this work, android security is doing its job. If there’s any failing on android security’s part, it’s consolidating permissions into accessibility services instead of breaking them out into something a user might get scared to click.
Then again, they did click accessibility services on a “secure messaging” app. They need to learn somehow. I just refuse to accept that the appropriate solution is not owning things you buy. There has to be a better way.