A new wave of cybercrime is sweeping through app stores and messaging platforms — and it’s disguised as legitimate software updates. In mid-October 2025, cybersecurity researchers at Malwarebytes uncovered a campaign distributing fake update prompts for popular apps like WhatsApp, Telegram, and Chrome.

The scam works like this: users receive a message or pop-up urging them to “install a critical security update.” But instead of a patch, the link installs a remote-access trojan (RAT) that silently takes control of the device, stealing passwords, files, and even two-factor authentication codes.

What makes this attack especially dangerous is its social engineering precision — the fake updates often mimic real design elements, complete with official-looking URLs and update icons. In one major incident, a fake “Chrome Update” message targeted Android users in Europe and Africa, compromising thousands of devices within hours. Security analysts warn that these fake updates are becoming a global problem, spreading through cloned websites and third-party app stores.

The rise of AI-generated phishing pages has made spotting fakes harder than ever. Experts now recommend updating apps only through verified stores and enabling automatic updates instead of clicking external links.

Key Takeaway: The next time your phone asks you to “update now,” think twice. Cybercriminals are turning routine security habits into attack vectors — proving that not every update makes you safer.