Cyber security researchers have identified a sophisticated Android malware named 'Antidot' that masquerades as a fake Google update, tricking users into downloading it; once installed, it targets banking information posing a significant threat. The malware spreads through phishing campaigns, SMSishing by sending fake messages urging users to update software; on installing, it tries to gain administrative privileges, allowing attackers to seize sensitive data like contact lists, credit card info, and login credentials for banking apps. Antidot exploits Android OS vulnerabilities, evades detection through obfuscation, and poses a considerable financial threat as attackers gain control over devices
To counter this, users are advised to avoid unsolicited messages, download apps only from official stores, use two-factor authentication, keep software updated, and deploy trusted mobile security solutions for protection, while organizations should provide security training to employees and consider mobile device management solutions. https://www.hackread.com/antidot-android-malware-google-update-steal-funds/