Hi guys,

Cyber security researchers at Cyble have discovered a new and sophisticated Android malware strain dubbed “Antidot.” This malware disguises itself as a fake Google update, tricking unsuspecting users into downloading it onto their devices.

Upon installation, Antidot seeks to gain administrative privileges on the device. If successful, it grants the attacker complete control over the device, allowing them to steal various forms of sensitive data, including:

  • Contact lists
  • SMS messages
  • Credit card information
  • Two-factor authentication codes
  • Login credentials for banking apps and online accounts

How to be safe:

  • Be cautious with unsolicited messages:
    • Don’t click on links or download attachments from unknown senders.
    • Even if a message looks like it’s from a reputable source, verify it before interacting.
  • Download apps only from official stores like the Google Play Store:
    • Check developer information.
    • Read app reviews.
    • Review requested permissions before installing.
  • Enable two-factor authentication for your accounts:
    • This adds an extra layer of security even if your credentials are stolen.
  • Regularly update your Android device and apps:
    • Updates fix vulnerabilities that attackers might exploit.
  • Stay tuned to Incognito privacy tips.

As always, let me know if you need any help with this or with anything else. We’re always here to help 24 hours a day, seven days a week.

Sending you all the best,
Stephen McCormack