Every Android smartphone could be in jeopardy as a new Advanced Malware has been detected which can stealing passwords, photos, data from WhatsApp and other apps. This is 4th generation ZooPark - malware that has been around for 4 generations now.
What does the ZooPark do?
Initially this malware started as a simple steal device account and contact data. Which now has evolved to the stage of monitoring and withdraw key logs, clipboard data, browser activity & data, photos, videos from memory cards and secure data from various apps.
How does it transmit the data back?
Once it has the intended data, it can silently make calls, send texts and execute shell commands to send out the data.
Who spotted/Identified this?
Kaspersky Labs- This company banned by US government due to some issues - is the one that says - there might be few targets out there in the wild. As the number is quite less at this time - the Kaspersky guys feel that this might be a specific nation state targeted attempt to spy on some specific people.
There were many exploits uncovered when Edward Snowden blow open the NSA Surveillance - some of which were stolen by some hacking groups and then made public. Seems like they could have provided this loop hole, and the work around to use it!
There are billions of Android Users out there, everyone must understand - Google/handset manufacturers can only do so much regarding how you use your smartphones. Now almost every OEM is sending out monthly security patches, but it is all in vain if you don’t install them. All those users who install everything that a pop up might bring out - you should consider reading what is that app about before installing it. Review your installed apps every fortnight so that you can reconsider your choices and if any app that you didn’t intended but is installed - you can remove it.
Government Surveillance programs or not - if you can use your devices with responsibility, you can stay away from any unnecessary nuisance.