A phony Google update is moving malware onto Android devices. The malware harvests call and SMS information and can steal credit card data. The attackers behind this scheme are pushing domain squatting URLs that are similar to ones used by Google for legitimate updates, hoping to snare less-than-vigilant users. Once installed, the malware connects to a remote site, before sending stolen call logs, SMS data, browser history and any stored banking data, Zscaler said. The only option to remove this malware is a factory reset, which leads to further data loss.
Source: https://threatpost.com/phony-google-update-spreads-data-stealing-android-malware/117742/