Appearing dangerous Android malicious code specializing in stealing chat content on Facebook Messenger, Skype ...

A type of malware that has a package name called "com.android.boxa" is able to steal users' private chat data on current messaging applications like Facebook Messenger, Skype, etc., from experts from Network security company Trustlook discovered on Android operating system.

This malicious code will modify the "/system/etc/install-recovery.sh" file inside applications so they can extract data even when the device has been restarted. Data after being stolen will be sent to the remote server and potentially hackers use them to blackmail victims.

This malicious code is spreading strongly in China with the first infected application, Cloud Module. According to the warning of Trustlook, this malicious code can easily bypass Android's security layers so it is difficult to detect.

List of high-risk applications affected by this malware include Facebook Messenger, Twitter, Skype, Telegram, Tencent WeChat, Viber, Weibo, Voxer Walkie Talkie Messenger, Gruveo Magic Call, Line, Coco, BeeTalk , TalkBox Voice Messenger and Momo.

For your safety, Android users should only install applications from Google Play, which is important when downloading content from email or third party websites.

See more:

1. Warning: GandCrab extortionist code is attacking Vietnam
2. Warning of new malware appear like Wannacry, capable of deleting Vietnamese percussion on computer
3. Many computers in Vietnam have been hijacked due to virus infection