Great Motorola Edge deal on Amazon!

Smart malware sneaks its way into Android phones, uses motion sensor data to remain hidden

By
19comments
Android
Smart malware sneaks its way into Android phones, uses motion sensor data to remain hidden
A known malware, named Anubis, has managed to sneak its way through a couple of simple apps on the Google Play Store through a series of evasive maneuvers. Now, before we begin, we'd like to state that Google has found and nuked the apps, so there's some good news right there.

The carrier apps in question were a simple Battery Saver and a Currency Converter. Before being taken down, the former had accumulated just over 5,000 downloads and about 70 reviews. As you can expect, however, said reviews were probably fake, as their text made little sense and they were posted by anonymous users (you know the type).


In order to remain hidden, the malware would do absolutely nothing unless it detects that the phone's motion sensors are generating data. The idea behind that? Well, some malware detectors will simulate an Android environment and run the target app in it in order to see if it does something fishy. The malware developer figured that such fake "Android sandboxes" won't be generating any motion sensor data since they are not actually on user-held devices. So, the trojan apps in question were made to wait for such data before they execute their malicious code.

Then, the apps send a notification to the user, concealed either as a Telegram or a Twitter invitation of sorts. However, that's simply a download link in disguise. Tapping on it will, sooner or later, trigger a download that's masquerading as a standard Android update. Accepting the latter finally opens the door and invites the Anubis malware in.

Recommended Stories

Anubis is a nasty thing to have on your phone

What does Anubis do? Pretty nasty stuff, really — unlike other malwares that will simply put a fake overlay on your screen and hope to get a glimpse of your credentials, Anubis is a straight up keylogger. That means, it can collect and record every keystroke you make on your virtual keyboard. To top it off, it can take screenshots of whatever you have up on your display at any time. Anubis has already spread to 93 different countries and is hard at work, building a — we imagine — pretty respectable database of account details. Reportedly, it's mostly interested in banking details — credit card numbers, e-banking login credentials, et cetera. You know, the stuff that you don't want anyone to know.

So, just a reminder — be careful what you download on your phone and definitely think thrice before sideloading stuff as well.
https://m-cdn.phonearena.com/images/users/106-200/Preslav-K.jpg
Preslav Kateliev Mobile Tech Reviewer and Video Host
Preslav, a member of the PhoneArena team since 2014, is a mobile technology enthusiast with a penchant for integrating tech into his hobbies and work. Whether it's writing articles on an iPad Pro, recording band rehearsals with multiple phones, or exploring the potential of mobile gaming through services like GeForce Now and Steam Link, Preslav's approach is hands-on and innovative. His balanced perspective allows him to appreciate both Android and iOS ecosystems, focusing on performance, camera quality, and user experience over brand loyalty.

Recommended Stories

Loading Comments...

Popular stories

Even longtime T-Mobile customers will have to put up with slow internet speed policy
Even longtime T-Mobile customers will have to put up with slow internet speed policy
Two more companies want FCC action against T-Mobile for interference from 5G
Two more companies want FCC action against T-Mobile for interference from 5G
The 51 million customers affected by the AT&T data breach are getting free protection for 12 months
The 51 million customers affected by the AT&T data breach are getting free protection for 12 months
Make your Galaxy fingerprint scanner unlock faster as Samsung fixes what One UI 6.1 broke
Make your Galaxy fingerprint scanner unlock faster as Samsung fixes what One UI 6.1 broke
iPhone users warned to disable iMessage temporarily to avoid getting hacked
iPhone users warned to disable iMessage temporarily to avoid getting hacked
T-Mobile will soon have another reason to gloat
T-Mobile will soon have another reason to gloat

Latest News

Verizon's Visible introduces annual plans with discounts up to 26%
Verizon's Visible introduces annual plans with discounts up to 26%
Comcast launches NOW, low-cost and prepaid brand for data, TV, and WiFi hotspots
Comcast launches NOW, low-cost and prepaid brand for data, TV, and WiFi hotspots
Apple tipped to reduce display size of iPhone 17 Plus
Apple tipped to reduce display size of iPhone 17 Plus
Google Photos working on an option to hide your downloaded memes and other UI tweaks
Google Photos working on an option to hide your downloaded memes and other UI tweaks
Hurry up and snatch Amazon's jumbo-sized Fire Max 11 tablet at its biggest discount yet
Hurry up and snatch Amazon's jumbo-sized Fire Max 11 tablet at its biggest discount yet
Memes of the week: Crazy Pixel leaks, OnePlus feels the heat in India, and more!
Memes of the week: Crazy Pixel leaks, OnePlus feels the heat in India, and more!
FCC OKs Cingular\'s purchase of AT&T Wireless