AbstractEmu Malware Silently Attacks Android Devices

It can gain root access to your device. 

Beware of AbstractEmu 

AbstractEmu is the new Android malware that uses code abstraction and anti-emulation checks to stop analysis from the moment the apps are opened. When the smartphone is infected, the malware can have complete control over the device while it’s evading detection. 

This malware is said to target and infect as many smartphones as possible. 

According to Lookout Threat Labs, a total of 19 Android apps are posed as utility apps that contain the rooting functionality. Out of the many rogue apps, one of them made its way to the Google Play Store. Before it was purged by Google, it has attracted over 10,000 downloads. 

The rogue apps are said to be distributed through third-party stores, like Samsung Galaxy Store and Amazon Appstore. You can also find them on Aptoide, APKPure, and other lesser-known marketplaces. 

This type of malware is destructive. It can gain access to the Android operating system through the rooting process. The bad actor can silently grant dangerous permissions or install more malware without the need for user interaction. 

With elevated privileges, the malware could access other apps’ sensitive data. 

Lookout hasn’t determined the company or person responsible for AbstractEmu. However, the company is suggesting it’s designed by a well-resourced group, which is motivated to steal money from Android smartphone users. 

In addition to AbstractEmu, you should also watch out for apps that are part of UltimaSMS, a scam campaign. These apps have been deleted by Google. However, before they were purged, they were downloaded 10.5 million times. 

These apps look like they’re offering video and photo editors, call blockers, and other normal uses. However, what the users don’t know is that they cause harm to their Android devices. 

As of this date, Google has found 150 fake Android apps that are part of the scam campaign. The complete list of 151 app names can be found here

These fake apps can access your phone’s location and know your language and area code. Once these details are obtained, they can use them to phish for more information, such as email address and phone number. These apps don’t lead to ransomware or identity theft. But they do want your money. 

When you download one of these apps, you will be automatically subscribed to premium SMS services. You will be charged $40 a month. The amount will depend on the country you live in and your mobile carrier. The purpose of these apps is to trick you into believing that you have signed up for premium SMS subscriptions. 

Hence, you should check your phone bill for any questionable charges. 

Stay Safe Online 

Mobile devices are not safe from bad actors. Even if you are downloading the app from the Google Play store, it’s still not a guarantee that it’s safe. Before you download anything to your mobile device, you need to check its reviews to ensure that it’s a reliable app. 

Even if you are using VPNs, the software won’t protect you from these scam apps.