Newly analyzed malware obfuscates its malicious code in order to deceive cybersecurity experts. The malicious code is hidden in a .dex file of the apps which is dynamically decrypted and loaded. On analysis, it was found to be an older malware variant, FakeCall. Many new features seem to be yet unfinished. These include a Bluetooth and Screen receiver, an accessibility service that gives it control over user interfaces, and a phone listener service that acts as a conduit between the malware and its control server.
This Android malware can reroute phone calls to hackers
Android malware known as ‘FakeCall’ is now capable of deceiving individuals into unintentionally telephoning a scammer, potentially revealing personal information, according to cyber-security firm Zimperium.