Home > News

Android App System Update Allows Hackers to Access Your Data

By Laura Tucker
System Update Malware Featured

We have learned by now that hackers won’t stop at anything to find a way to access your data. They enter into a battle with app developers and app stores to try and stay one step ahead of the other. A new tactic is hidden in the Android app “System Update.” It’s no update – it’s malware that is secretly stealing your data.

Discovery of System Update – a RAT

Mobile security firm Zimperium researchers discovered what they believe is a Remote Access Trojan (RAT). This type of malware allows hackers to get access to your device.

Android app System Update pledges to keep your Android device loaded with the latest software versions. Secretly, however, the app steals your data and sends it to a command center.

Zimperium CEO Shridhar Mittal believes “System Update” is tied into a” targeted attack.”

“It’s easily the most sophisticated (RAT) we’ve seen,” he said in an interview. “I think a lot of time and effort was spent on creating this app. We believe that there are other apps out there like this, and we are trying our very best to find them as soon as possible.”

System Update Malware Warning

It seems nothing is safe with System Update. It can steal messages, database files, call logs, phone contacts, pictures, videos, and more. Other than stealing your data, the app can also control your device. It can take pictures with your camera, record audio with your mic, gather your browser history, and even monitor your location data.

When your Android device receives information, the System Update springs into action. The Zimperium researchers said the app is always watching for “any activity of interest, such as a phone call, to immediately record the conversation, collect the updated call log, and then upload the contents to the C&C server as an encrypted ZIP file.”

After accessing your device, the app hides evidence of what it has done, so you’ll never know you’re being compromised in this way.

Not Available on Google Play Store

Google Play Store is in the clear this time. You won’t find this Android app, System Update, there. You’ll find it in a third-party store. While Google doesn’t always keep dangerous apps off the Play Store, it did this time. It’s still better to stick with it rather than go rogue and third party.

System Update Malware Android

It just shows why you always need to be on your toes with all devices that connect to the Internet in some way. Whether it’s your PC, smartphone, security camera, smart speaker, etc., if it connects, it’s capable of connecting to bad actors.

This also holds regardless of the platform you’re on – whether it’s Android, iOS, Windows, Mac, Linux, etc., you can’t let your guard down. That the actors are disguising a RAT as an Android app and system update should be worrisome to all.

Read on to learn about a malware that was found in videoconferencing software last fall.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Laura Tucker Avatar
Laura Tucker
Laura has spent more than 20 years writing news, reviews, and op-eds, with the majority of those years as an editor as well. She has exclusively used Apple products for the past 35 years. In addition to writing and editing at MTE, she also runs the site’s sponsored review program.

Read next

When the SS Great Eastern laid the first working transatlantic telegraph cable in 1866, a message that had taken ten days by steamship suddenly crossed the ocean in minutes, and the financial markets of London and New York were forced, within a single trading week, to invent the modern concept of synchronised global price.
From below of blue starry sky over radio telescope and trees with leaves
The Big Ear telescope was scanning at 1420.4056 megahertz on the night of 15 August 1977, the exact frequency at which hydrogen atoms vibrate across the universe, because Giuseppe Cocconi and Philip Morrison had argued years earlier that any species trying to be found would broadcast on that channel — and then, for 72 seconds, something did.
In 2016, archaeologists dated two rings of snapped stalagmites in France’s Bruniquel Cave to 176,500 years ago, evidence that Neanderthals had walked 336 metres into darkness with fire and built architecture deep underground long before modern humans reached Europe
Otto von Bismarck was 74 when Germany adopted the world’s first national old-age social insurance program in 1889, setting the pension age at 70 after years of fighting socialists with bans, laws, and a promise few workers would live long enough to use
When cosmonaut Valeri Polyakov stepped out of his Soyuz capsule in March 1995 after 437 consecutive days aboard Mir, doctors recorded him at several centimetres above his pre-flight height, and his spine had become so unaccustomed to gravity that the recovery team carried him to a chair rather than risk the compression of letting him walk.
When Bell Labs engineer Karl Jansky pointed a rotating antenna at the sky in 1932 looking for sources of transatlantic radio static, he kept picking up a faint hiss that peaked every 23 hours and 56 minutes, and he eventually realized he had become the first human to hear the center of the Milky Way.
A contemplative scene with two scientists in a vintage laboratory setting.
When Harvard astronomer Cecilia Payne submitted her 1925 doctoral thesis arguing that the Sun was made almost entirely of hydrogen, the field’s senior figure Henry Norris Russell talked her into adding a line calling the result ‘almost certainly not real,’ and then published the same conclusion himself four years later to widespread acclaim.
When seismic waves from the Chicxulub impact reached what is now North Dakota roughly ten minutes after the asteroid struck, they appear to have triggered a ten-metre standing wave in an inland river that flung fish onto the bank and buried them under glass beads still falling from the sky.