Android users need to be very careful while downloading new apps, given the recent surge in malware attacks. Adding third party anti-virus adds a much needed layer of security to Android devices. However, many of these anti-virus apps are still far from full-proof. Researchers from Georgia Institute of Technology examined 58 anti-virus apps and found that majority of them are not capable enough to detect modern day malwares, the results of which were published in July 2017.

Google’s new artificial intelligence based security tool Play Protect, which will also be integrated into the upcoming Android O operating system, scans the Play store as well as your phone regularly to identify bad apps. Users can help too by being more careful while online browsing or downloading anything. Here are some of the new malware lurking behind a harmless looking webpage, apps or media content, that you should be aware of.

Sonic Spy

This malware can secretly record conversations using the microphone and capture photos using the front camera without user’s knowledge. It can also leak information such as text messages, call logs, contact and WiFi access points.

According to San Francisco based security company Lookout, Sonic Spy has been found in over 1,000 apps since detection in August and many of them were on the Google Play Store. The most recent version of the malware on the Google Play Store was hidden in a messaging app called Soniac which was published by a Play Store account called iraqwebservice. Users should avoid unknown files or apps from third-party sources. To ensure this, go to Settings->Security and disable unknown sources.


Detected first in 2016 for targeting users of banking apps, Faketoken is back in news again. The latest version of the malware is attacking users through ride sharing apps. According to Moscow-based Kaspersky Lab, the malware is sneaking into user’s smartphone though SMSs asking them to download some photos.

Once the user downloads the photo, the malware install itself on the phone and substitutes the UI of ride sharing apps with a fake one. The malware is targeting these set of apps not because of any vulnerability in them, but because users are more likely to share their credit or debit card details on them. Once the details are shared, the malware intercepts them and sends them to hackers. Users can avoid them by deleting messages sent by unknown users.

Invisible man

This uniquely named malware is being used to target mobile banking users. So far limited to European countries such as Germany and France, the malware was first detected by Kaspersky Lab early this month.

Once installed it tricks users into giving it full permission to accessibility services which gives it the authority to access other apps. So far it has been using this full accessibility to enable a key-logger over your banking apps. Every time a user types something, such as login details of banking account, the key logger intercepts it and sends it to the hacker, giving them full access to user’s bank account. Users don’t suspect anything as the malware disguises itself as a flash player download, which is still required to run many websites, online videos and games on Android. Always download flash player from the original website and then go back to the website which requires it.