The Indian cyberspace has been affected with a type of Android malware that targets pre-Jelly Bean devices and is notorious for stealing SMSes and other sensitive information. To be precise, it can attack Android-based tablets and smartphones that run a version of the platform prior to 4.2.2.
Internet security sleuths have warned Android users to be careful of the malware. The Computer Emergency Response Team-India or CeRT-In has explained that attackers can inject the malicious software into legitimate applications. The malware successfully changes the application code without affecting its cryptographic signature. This basically is to trick the device into believing that nothing is wrong with that particular app.
In addition to revealing details like text message content, email addresses, IMEI number of the gadget, installed apps and much more, the malicious software can even make calls and send messages without letting the owner know. This could prove to be tricky for those who receive OTPs and other confidential information on their cell phones, as it could make it easy for attackers to transfer funds from your accounts if they manage to steal the user ID and password as well.
Certain measures that need to be taken in order to avoid falling prey to this malware include checking the app permissions thoroughly, scanning the phone with anti-virus tools from time to time and not visiting untrusted websites amongst others. Also, users should download applications only from trusted sources like the Google Play store or app stores of reputed companies. They should avoid installing content from any other location.