{"id":426617,"date":"2022-04-04T21:38:22","date_gmt":"2022-04-04T18:38:22","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/this-scary-new-android-malware-pulls-off-a-funny-little-scam-review-geek\/"},"modified":"2022-04-04T21:38:22","modified_gmt":"2022-04-04T18:38:22","slug":"this-scary-new-android-malware-pulls-off-a-funny-little-scam-review-geek","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/this-scary-new-android-malware-pulls-off-a-funny-little-scam-review-geek\/","title":{"rendered":"#This Scary New Android Malware Pulls Off a Funny Little Scam \u2013 Review Geek"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3dfe137d074\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3dfe137d074\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/this-scary-new-android-malware-pulls-off-a-funny-little-scam-review-geek\/#%E2%80%9CThis_Scary_New_Android_Malware_Pulls_Off_a_Funny_Little_Scam_%E2%80%93_Review_Geek%E2%80%9D\" >&#8220;This Scary New Android Malware Pulls Off a Funny Little Scam \u2013 Review Geek&#8221;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9CThis_Scary_New_Android_Malware_Pulls_Off_a_Funny_Little_Scam_%E2%80%93_Review_Geek%E2%80%9D\"><\/span>&#8220;This Scary New Android Malware Pulls Off a Funny Little Scam \u2013 Review Geek&#8221;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div id=\"article-content-area\">\n<figure style=\"width: 1920px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage wp-image-93702 size-full\" data-pagespeed-lazy-srcset=\"https:\/\/www.reviewgeek.com\/p\/uploads\/2021\/07\/87e6a4a4.jpg?width=400 400w, https:\/\/www.reviewgeek.com\/p\/uploads\/2021\/07\/87e6a4a4.jpg?width=1200 1200w\" sizes=\"auto, 400w, 1200w\" data-pagespeed-lazy-src=\"https:\/\/www.reviewgeek.com\/p\/uploads\/2021\/07\/87e6a4a4.jpg?width=1200\" alt=\"\" width=\"1920\" height=\"1080\" data-crediturl=\"https:\/\/www.shutterstock.com\/image-photo\/darkweb-darknet-hacking-concept-hacker-cellphone-1452139706\" data-credittext=\"Tero Vesalainen\/Shutterstock.com\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"type:primaryImage imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/darkweb-darknet-hacking-concept-hacker-cellphone-1452139706\">Tero Vesalainen\/Shutterstock.com<\/a><\/span><\/figcaption><\/figure>\n<p>Cybersecurity researchers from <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/lab52.io\/blog\/complete-dissection-of-an-apk-with-a-suspicious-c2-server\/\">Lab52 have discovered<\/a> a nasty new Android malware called \u201cProcess Manager.\u201d It can record your audio, track locations, send or read texts, and even access your storage to use the camera or see pictures.<\/p>\n<p>To make matters worse, the Process Manager malware employs a gear-shaped icon, so it looks like a system settings <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>, enabling it to hide on a user\u2019s device easily. This Android malware doesn\u2019t hide in plain sight either, as you\u2019ll see a persistent notification that \u201cProcess Manager\u201d is running. It\u2019ll look all official, but it\u2019s certainly not good.<\/p>\n<p>The researchers haven\u2019t figured out how it is being distributed, but once a victim installs it, the app quickly requests access to scary and dangerous device permissions. Some of these include device location data, Wi-Fi state, cameras, audio, microphone, read and write storage access, and can even read or send text messages. The app icon disappears once it gets access to those device privileges, but you\u2019ll still see the process running in the notification pulldown tray.<\/p>\n<p>That all sounds scary, and it is, but surprisingly enough, the app doesn\u2019t appear to be doing anything too malicious to the end-user. Once installed, the researchers found that it downloads a money-making app from the Google Play Store using a referral code. The app is named \u201cRoz Dhan: Earn Wallet cash.\u201d The scam is working, as it has over 10 million downloads. The creators of this Android malware earn money for each download.<\/p>\n<p>Anyone using a device on Android 10 or higher can go into permissions on their device and revoke access to specific permissions or look for suspicious apps such as this one. Unfortunately, it\u2019s not yet clear what else this malware is doing behind the scenes or how users are getting it, but it\u2019s one more thing to keep in mind.<\/p>\n<p><small>via <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/newly-found-android-malware-records-audio-tracks-your-location\/\">BleepingComputer<\/a><\/small>\n<\/div>\n<p><script>\nsetTimeout(function(){\n  !function(f,b,e,v,n,t,s)\n  {if(f.fbq)return;n=f.fbq=function(){n.callMethod?\n  n.callMethod.apply(n,arguments):n.queue.push(arguments)};\n  if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';\n  n.queue=[];t=b.createElement(e);t.async=!0;\n  t.src=v;s=b.getElementsByTagName(e)[0];\n  s.parentNode.insertBefore(t,s)}(window, document,'script',\n  'https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n  fbq('init', '1137093656460433');\n  fbq('track', 'PageView');\n  },3000);\n<\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.reviewgeek.com\/114058\/this-scary-new-android-malware-pulls-off-a-funny-little-scam\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;This Scary New Android Malware Pulls Off a Funny Little Scam \u2013 Review Geek&#8221; Tero Vesalainen\/Shutterstock.com Cybersecurity researchers from Lab52 have discovered a nasty new Android malware called \u201cProcess Manager.\u201d It can record your audio, track locations, send or read texts, and even access your storage to use the camera or see pictures. To make&#8230;<\/p>\n","protected":false},"author":1,"featured_media":426618,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.reviewgeek.com\/p\/uploads\/2021\/07\/87e6a4a4.jpg","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-426617","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/426617","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=426617"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/426617\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/426618"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=426617"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=426617"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=426617"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}