New Android malware can record your conversations

October 6, 2022

By Kim Komando

Who wouldn’t like getting free products or services to save a few bucks? Especially these days when inflation is skyrocketing.

But not everything is always as it seems. If you search online for free device cleaners or security apps, they might infect your device with malware. Tap or click here for a few examples of free antivirus apps recently caught hiding malware.

Unfortunately, another dangerous malware variant is replicating rapidly, and its capabilities are concerning. This latest threat not only steals personal information from your device but can take control of your phone to make calls and send texts. Read on for details and what you can do to avoid it.

Here’s the backstory

There have been tons of malicious apps found in app stores lately that, if downloaded, will infect your device with malware. But this dangerous malware variant isn’t found in any app store. Instead, it’s being spread through untraditional means.

Here’s what’s happening. Security researchers at Zimperium zLabs recently discovered a Remote Access Trojan (RAT) targeting Android phones. A fake app is being advertised on social media in the Middle East, targeting business phones.

The app claims to allow users to log into social media sites that are typically blocked from their viewing. The app is called NumRent and is a renamed version of a previously malicious app called TextMe. To get the app onto your device, you need to download it from a link in the ad. Any red flags there?

It’s never a good idea to sidestep official app stores. We always recommend getting apps from the Google Play Store or Apple’s App Store. Downloading an app from a social media link is even more dangerous than using a third-party store. In other words, do NOT do it!

The malware hiding in the fake NumRent app is called RatMilad by the team at Zimperium.

RatMilad is particularly dangerous, as it can:

• Access your contact list, text messages and call logs.
• Read account names and permissions on your device.
• See clipboard data.
• Retrieve GPS location data.
• Read, write and delete files.
• Record sounds and conversations from the phone.

RatMilad gives bad actors access to account credentials on your phone and can even let them place phone calls and send text messages.

Even though this attack targets people in the Middle East, you must be aware that this can happen anywhere. If you download apps from links found on social media or in unsolicited text messages or emails, you’re putting your device at risk of infection. Just don’t do it. Always stick with official app stores.

What you can do about it

There are a few things that you can do to ensure your device doesn’t get infected with malware. The most important is only to download apps from official app stores. Getting apps from untrusted sources can lead to infecting your device with malware.

Here are more suggestions.

• Only download apps from official app stores. Always go to the official source and double-check that you are installing the correct app.
• Keep your phone updated with the latest patches and fixes. We alert you to those over at Komando.com. Tap or click here to try Kim’s free email newsletters to get the alerts right to your inbox.
• Use two-factor authentication and password managers for better security. Tap or click here for details on 2FA.
• Pay attention to permissions. Stay away if an app wants full access to your text messages or notifications. 
• Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Use this easy, free check to see if a site or file contains malware

Malware alert: Do not ignore this warning on your phone