Security researchers discovered malware targeting Android devices that disguises as a Google Chrome update package in an attempt to fool users into lowering their defenses.
Crooks are distributing the fake update package as downloadable APK files, which users have to launch into execution by tapping on them. If a user is not accustomed to updating apps via the Google Play Store app, they might fall for this trick. It is of great importance that our readers understand that apps only need to be installed and then updated via the Google Play Store app.
Malware asks for admin permissions
In this particular case, when launched into execution, the Google Chrome update package asks for administrative rights. Since it's a "Google" Chrome update, most users are probably willing to grant it such permissions.
