New Android Malware Alert – How to Defend Against the Antidot Trojan

Chris Thompson


Keeping your mobile devices regularly updated is essential for maintaining security, but a new piece of Android malware highlights a potential risk associated with updates. Hackers have developed a trojan, dubbed Antidot, which pretends to be an official Google Play update, leading unsuspecting users into a trap.

The Threat

First identified by cybersecurity firm Cyble, the Antidot malware is highly dangerous and capable of taking complete control of your phone. It can harvest text messages, log keystrokes, and control your camera and screen lock. With such capabilities, hackers can capture passwords and banking logins and access a vast amount of personal data.

How Antidot Spreads

Antidot is primarily delivered through phishing messages that appear to come from Google, prompting you to update Google Play. These messages direct you to a convincing but fake website offering a malicious download package. Installing this package sideloads the malware onto your device, bypassing the legitimate Google Play Store. This method of distribution should be a red flag, as legitimate updates never require sideloading.

Sophistication and Global Reach

Cyble’s researchers have found that Antidot can display pages in various languages, indicating that it can easily adapt to different regions. This sophistication suggests it is the work of advanced hackers, not amateurs.

How to Stay Safe

This hacking campaign underscores the dangers of installing software from untrusted sources. Always remember:

  • Google Play Updates: The Google Play app can be updated directly within the app itself. Google will never ask you to install updates from a web page or message.
  • Enable Automatic Updates: To ensure your apps are always up to date, enable automatic updates. Open the Google Play Store app, tap your profile icon in the top-right corner, then go to Settings > Network preferences > Auto-update apps. Choose to update over Wi-Fi or any network to keep your apps current and avoid suspicious update prompts.
  • Use Antivirus Apps: Installing a reputable Android antivirus app can provide an extra layer of protection, stopping malware like Antidot before it can cause harm. Additionally, Google Play Protect scans apps downloaded from outside the Play Store, adding another safeguard.
  • Exercise Common Sense: Always be cautious about the sources of your downloads and updates. If something seems suspicious, it probably is.
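
To check a device for sideloaded apps, the following added example (not from the original article or from Cyble) filters the output of `pm list packages -i -3` and lists user-installed apps whose recorded installer is not the Play Store. The function names, the trusted-installer list and the sample package names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flag user-installed apps whose installer is not a trusted store.
# Input format (one line per app), as printed by `pm list packages -i -3`:
#   package:com.example.app  installer=com.android.vending

# Assumption: only the Play Store (com.android.vending) is trusted.
# Add an OEM or MDM store package name here, space separated, if you rely on one.
TRUSTED_INSTALLERS="com.android.vending"

flag_sideloaded() {
    # Reads pm output on stdin; prints "<package> <installer>" per untrusted install.
    awk -v trusted="$TRUSTED_INSTALLERS" '
        BEGIN { n = split(trusted, t, " "); for (i = 1; i <= n; i++) ok[t[i]] = 1 }
        { sub(/\r$/, "") }              # older adb versions emit CRLF line endings
        /^package:/ {
            pkg = $1; sub(/^package:/, "", pkg)
            inst = "unknown"            # no installer field recorded at all
            for (i = 2; i <= NF; i++)
                if ($i ~ /^installer=/) { inst = $i; sub(/^installer=/, "", inst) }
            if (!(inst in ok)) print pkg, inst
        }'
}

sample_pm_output() {
    # Constructed sample data; every package name below is hypothetical.
    cat <<'EOF'
package:com.example.notes  installer=com.android.vending
package:com.example.fakeupdate  installer=null
package:com.example.game  installer=com.android.chrome
package:com.example.bank  installer=com.android.vending
EOF
}

# Demo on the constructed sample; prints the two sideloaded entries.
sample_pm_output | flag_sideloaded
```

On a real device with USB debugging enabled, run `adb shell pm list packages -i -3 | flag_sideloaded`; an installer of `null`, a browser or a file manager means the app did not come from the Play Store and deserves a closer look.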

By following these practices, you can protect your Android devices from threats like the Antidot trojan and keep your personal information secure. Stay vigilant and ensure your device’s security settings are robust to avoid falling victim to such malicious campaigns.