The malware "Oblivion" uses fake updates to take over mobile control.

The "Oblivion" malware uses a fake update pearl to take control of famous Android mobile brands such as Samsung and Xiaomi.

Devices using the Android operating system can be called malware-related and difficult to bypass because they are open systems where anyone can develop applications more easily than a competitor like iOS from Apple. This is another new malware to watch out for.

According to a report by the website, Hackread has mentioned the detection of a malware type that remotely controls the machine, or a new RAT (Remote Access Trojan) aimed at tackling a group of users of devices using the Android operating system called Oblivion, sold on the black market as malware for rental or MaaS (Malware-as-a-Service) for US $300 (9,551.70 baht) per month. There are other package sales, for example.

Lifetime for US $2,200 (70,051.30 baht)

6 months at $1,300 ($41,393.95)

Three months at $700 ($22,290.45).

The worrying thing is that this malware is not sold on the Dark Internet or the Dark Web, but is sold on a very normal website, allowing users with the correct website URL to buy it immediately. In addition, the malware is designed to be easy to use even among new users. The distributor boasted that it was tested for four months before its release and confirmed that the malware behavior detection system or Behavioural Detection could not detect this malware exactly. There is also a tool for creating fake apps or APK Builder. It can create a Google application emulator like Google Services in just a few clicks. In addition, the malware control system can handle up to 1,000 victims at once.

This malware will support Android from the 8th generation to the 16th generation, which is the latest. It can also break through Android's protection systems, unique versions of many different mobile phones, such as

Xiaomi's HyperOS and MIUI

OPPO's ColorOS

Honor's MagicOS

Samsung's One UI

OnePlus's OxygenOS

The malware works. After the victim has attached a fake application that runs in a malware extension or a loader that was created according to the above steps, instead of showing a bounce screen or other malware Pop Up, it uses a simpler method. This is a notification that Google Play (the official Android app store application) has an update to press to install. If the victim presses Update instead of updating Google Play, it gives full login permissions to malware, including the ability to access assisted mode. Disabled users or Comprehensive Accessibility Mode remain.

After the malware is fully licensed, it will start to steal information such as SMS or Short Message Service messages to find and steal the access code to the banking service, as well as use the Keylogger to steal passwords and PIN numbers (including PIN, screen unlock). Not only can hackers remotely unlock the machine after the victim restarts.

# Trending # Drug sign with lemon8 # lemon 8 diary # Lemon 8 Howtoo # freedomhack