Experts have discovered new Android malware that sets itself up on a device via drive-by download and allows for remote code execution.
According to a blog post by researchers at Fortniet, the malware automatically downloads onto a device when users visit a legitimate Spanish newspaper website. A JavaScript popup prompts a user to update their app manager, which then leads to installing the malicious package.
Once installed on the device, the malware sends a list of all the applications on the device in clear text to servers controlled by the malware authors and allows for remote code execution.
According to researchers, while the app is a real mobile phone manager, which assists users in managing smartphone content, such as pictures and applications, users have complained about receiving spam and the app updating without consent.