This New Android Bug Can Track and Record You—Here’s How to Keep Your Device Secure

The virus impersonates popular apps like Pokémon Go and WhatsApp

Samsung Galaxy Note Edge Chris Goodney/Bloomberg/Getty Images

The sensitive information most of us keep on our smartphones can give access to almost every aspect of our lives. This means that hacking your smartphone equates to hitting the digital jackpot for cyber criminals, which is why mobile malware is on the rise among hackers.

Now a new Android malware is threatening the personal security of individuals around the globe, with exposure to usernames and passwords, banking information, and personal photos all at risk. But the malware doesn’t only have the ability to steal your information, it can take over your phone completely. This includes the ability to send texts, make phone calls, download pictures and files, record audio and video and track your location. It could also wipe your whole phone if it really feels like ruining your day. Pretty scary stuff.

Trendmicro has identified a particularly virulent new threat called “GhostCtrl” which combines the capabilities of previous information stealing bugs and becomes better at stealing information as it continues to evolve. The first version of GhostCtrl was able to steal information and control some device functionality on a smaller scale, while the second unleashed a new set of compromising features. The third and most potent version (as far as we know now) has combined the features from the first two, expanding the capabilities of the malware and increasing its effectiveness.

The malware tricks users into infecting their own devices by disguising itself as a popular application like WhatsApp or even Pokémon Go and asking the user to install it. Once the malware has embedded itself, it can run undetected in the background, quietly stealing your information and spying on you at the discretion of the hacker.

To help avoid this happening to you, follow these tips to keep your Android secure.

  • Never install an application from a third party vendor.
  • Install cybersecurity software from a well known cybersecurity company like Norton or Kaspersky.
  • Back up your phone constantly.
  • To avoid man-in-the-middle attacks, only connect to wifi networks you know are secure.
  • Don’t keep sensitive information in your notes.
  • If you’re going to keep sensitive information on your phone, use an encryption application.
  • Never open documents that you weren’t expecting, even if it looks like it’s from someone yo. know. Back in May of this year, an email chain spread a virus when a user opened what appeared to be a Google doc from a familiar source, which actually contained malware.
  • Keep your device updated.