A fake malicious Chrome update is being actively pushed onto Android users, saddling them with information-stealing malware that can be uninstalled only by restoring the device to factory settings – and losing data in the process.
The malicious file – Update_chrome.apk – is hosted on a continually changing list of pages whose URLs sport variations on expressions like “Google”, “Google apps”, “Google market”, “Android update”.
Once victims are tricked into downloading and installing the fake update, the malware asks for administrative access to the device. When that access is granted, it:
Full Article
