New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is read to be exfiltrated. The spyware can only be installed as a 'System Update' app available via third-party Android app stores as it was never available on Google's Play Store. This drastically limits the number of devices it can infect, given that most experienced users will most likely avoid installing it in the first place. The malware also lacks a method to infect other Android devices on its own, adding to its limited spreading capabilities.
However, when it comes to stealing your data, this remote access trojan (RAT) can collect and exfiltrate an extensive array of information to its command-and-control server. Zimperium researchers who spotted it observed it while "stealing data, messages, images and taking control of Android phones."
"Once in control, hackers can record audio and phone calls, take photos, review browser history, access WhatsApp messages, and more," they added. Zimperium said its extensive range of data theft capabilities includes:
Once installed on an Android device, the malware will send several pieces of info to its Firebase command-and-control (C2) server, including storage stats, the internet connection type, and the presence of various apps such as WhatsApp. The spyware harvests data directly if it has root access or will use Accessibility Services after tricking the victims into enabling the feature on the compromised device. It will also scan the external storage for any stored or cached data, harvest it, and deliver it to the C2 servers when the user connects to a Wi-Fi network. Unlike other malware designed to steal data, this one will get triggered using Android's contentObserver and Broadcast receivers only when some conditions are met, like the addition of a new contact, new text messages, or new apps being installed.
"Commands received through the Firebase messaging service initiate actions such as recording of audio from the microphone and exfiltration of data such as SMS messages," Zimperium said.
"The Firebase communication is only used to issue the commands, and a dedicated C&C server is used to collect the stolen data by using a POST request."
The malware will also display fake "Searching for the update.." system update notifications when it receives new commands from its masters to camouflage its malicious activity. The spyware also conceals its presence on infected Android devices by hiding the icon from the drawer/menu. To further evade detection, it will only steal thumbnails of videos and images it finds, thus reducing the victims' bandwidth consumption to avoid drawing their attention to the background data exfiltration activity. Unlike other malware that harvests data in bulk, this one will also make sure that it exfiltrates only the most recent data, collecting location data created and photos taken within the last few minutes.
If you would like to read more helpful articles and tips about various software and hardware visit errortools.com daily.

“Windows cannot install required files. Make sure all files required for installation are available and restart the installation. Error code: 0x800701e3.”To fix this Windows Upgrade error, here are some suggestions that might help.
net stop wuauserv net start cryptSvc net start bits net start msiserver
net start wuauserv net start cryptSvc net start bits net start msiserver
Bluescreen Error CausesBesides this, you may also experience this error message when you format a hard disk drive to install Windows 7.“An internal error has occurred: The parameter is incorrect: (0x80070057)”
Error Causes“Failed install attempt – 0xc1900130”Here are the technical details of the error:
“Error Code: 0XC1900130 Message: MOSETUP_E_INSTALL_HASH_MISSING Description: The install cannot continue because the instance hash was not found.”If you are currently facing this problem when you tried to install a Feature Update, you might have to check your internet connection and then try to install the Windows Update again. However, if it didn’t work, then you can refer to each one of the given options below to fix the error.
ipconfig /flushdns
Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)AppXManifest.xml” -Verbose}
Error Code 0x80d02002 is one of the common errors encountered by Windows users upgrading to Windows 10 or installing new Windows updates. This error results in program lock-ups, system crashes, and freezes, or slow PC performance. It can also cause possible loss of private data on your device.
Some of the common error messages involving Error Code 0x80d02002 include:
Error CausesIn trying to fix Error Code 0x80d02002, you can employ manual repair methods to effectively and efficiently solve the issue. However, keep in mind that one tiny error made in using the command prompt can result in data loss or put your computer in a no-boot situation. In such cases, you can seek help from a Windows professional or consider using an automated tool whenever necessary.
You can try doing the following manual repair methods in an attempt to fix Error Code 0x80d02002:
In trying to fix Error Code 0x80d02002, you may try resetting manually and check the Windows update components by doing the following steps:
net stop wuauserv net stop cryptSvc net stop bits net stop msiserver ren C:WindowsSoftwareDistribution SoftwareDistribution.old ren C:WindowsSystem32catroot2 catroot2.old net start wuauserv net start cryptSvc net start bits net start msiserver pause
Check if there are system files that need to be repaired by running an SFC Scan. Follow the steps below:
There are times when Skype or your installed antivirus can conflict in updating your system. You can disable first your antivirus or Skype as you update your system and enable them once again when you successfully update your system.
Can’t seem to put up with the long and technical manual repair process? You can still fix this error by downloading and installing a powerful automated tool that will surely get the job done in a jiffy!
“0xC1900209, Incompatible software is blocking the upgrade process. Uninstall the application and try the upgrade again.”This error message comes under the umbrella of the Windows 10 pre-upgrade validation using Setup.exe. And for you to identify the incompatible app, you need to grab a Windows 10 install image using the Windows Media Creation tool to download the suitable Windows 10 version and mount it. After that, execute the setup.exe file that’s located in the root folder of the Windows 10 install image. Once you execute the setup file, the upgrade wizard will give you a list of incompatible apps. Once you have determined which software is not compatible with the Windows Update, there are two options you can try to resolve the Windows Update error 0xC1900209 – you can either try to update the conflicting software or uninstall it. For more details, follow the given options below.