
SECUREUPDATE

Posted: July 11, 2019

SECUREUPDATE is a Trojan downloader that targets Android devices. Malware researchers gave it this name because the Trojan is often spread as a fake security update that relies on social engineering tricks to convince its recipients to install it. Users who install it receive the exact opposite of enhanced security features: the SECUREUPDATE Trojan stays on the infected device silently and waits some time before it takes its next step.

Android Malware might be Linked to the Group behind MICROPSIA & VAMP

SECUREUPDATE is believed to be related to the MICROPSIA and VAMP malware families because it shares the same Command & Control servers with them. This also means that its primary targets are likely to be users in Middle Eastern countries such as Palestine and Israel.

Because of Android's security features, victims of SECUREUPDATE might have one last chance to stop the attack by declining to grant the fake application permission to use certain features and services of the mobile device. Unfortunately, since the SECUREUPDATE Trojan may be disguised as what looks like a legitimate security patch, many users are likely to blindly give it the permissions it demands.

SECUREUPDATE may Download a Secondary Payload at a Particular Date and Hour

The way SECUREUPDATE receives the payload it delivers is also notable: instead of waiting for a manual command to be sent out by the attackers, it schedules a 'Calendar' event that triggers the download command at a specific time and date. Some versions of SECUREUPDATE also attempt basic phishing by prompting the user to register for a fake service. Since many users tend to reuse their login credentials across different websites and services, the attackers may receive lots of working login details.

SECUREUPDATE's attack can be prevented by taking two simple measures: do not download Android applications with low reputation or from untrustworthy sources, and make sure to use a reputable Android anti-virus program.
