Trend Micro"Information Security Company" has revealed that malicious software targeting the Android operating system has been used to transform devices into spyware.
The malicious software, known as "GhostCtrl", allows hackers to take full control of smartphones, even allowing them to see all the contents of the phone and spy on users without their knowledge.
The company's researchers said in a publication on its blog that they were able to detect three different versions of the software. The first two versions of data collection and remote control are designed with different phone features. The third version combines the best of the two previous versions, and then adds more. Worse still, researchers predict that the gap will continue to evolve.
According to their findings, "GhostCtrl" is an extension of a malicious worm that steals data that has spread between hospitals and the infamous OmniRAT vulnerability that surfaced in news headlines after it was said to allow remote access to Windows, Mac and Linux computers via any Android device, Vice versa.
Malware is often disguised as legitimate applications like Wattsb and other popular applications. When you turn on, the main app goes to install a malicious Android app in the APK format to run later in the background.
At this point, attackers can exploit this back door to make infected devices do what they want. Trend Micro warned that the vulnerability allows for a wide range of commands, allowing hackers to identify and target content without the owner's consent or knowledge.
The company has released a list of operational codes that allow hackers to monitor data gathered by real-time sensors, allow them to delete, modify and move stored files, connect and send text messages to contacts, collect information such as call records, SMS records, Bookmark browser.
In addition to this, the researchers note that "GhostCtrl" also has the ability to reset passwords remotely, run different sounds on the phone, turn on the camera, control Bluetooth and more. This basically means that once the attacker succeeds in infecting the system, the device becomes a spy tool on the user.
To fix the problem, Trend Micro recommends that users update their phones to the latest version of the Android system immediately, restrict user permissions on their personal devices, and regularly back up personal data.