The simple reality is that hacks succeed more often when they are disguised as a helpful program that people instinctively want to download. This latest attack vector employs that very disguise, masking itself as a Google Chrome updater.
In reality, it is an information harvesting machine that can collect call logs, browser history, banking information and SMS data from the phone it’s installed on and send it all back to the person who controls the malware. What’s worse is the fact that because it has all the outward appearances of a genuinely helpful/useful app, it can easily be missed or overlooked by even the most robust and up to date virus scanning software.
In time, antivirus software companies will update their databases to catch this latest attempt by the hacking community to steal your personal information, but in the meanwhile, it pays to be prudent. Even if you think you’re safe with a good antivirus package installed and are faithful about keeping it up to date, as this latest discovery indicates, the hacking community is always one step ahead.
The bottom line is, you should never download anything unless you can confirm that it comes from a trusted source, a habit that needs to be drilled into every employee at your firm, at every level. Spotting and looking for potential threats is also important to keeping all of your devices safe. If you use an Android device, be sure to double check any Google Chrome update requests to be sure it is not this latest threat.