Found spyware on Google Play could intercept communication WhatsApp, Viber and Skype

Team. Google's security provided the information, from which we can read that in the official store popped up spyware, which is able to steal details from social application to spy on conversations on WhatsApp, Viber and Skype . The malware known as Tizi, described is as a full-featured a backdoor, which is able to zrootować the system and spy on the actions of the user without his knowledge.

Capturing the attention of WhatsApp application, Telegram, Viber if Skype is not everything, Tizi can also send and receive SMS messages, has access to call history, calendar, photos, or Wi-Fi encryption keys and installed the application. In addition, Tizi can record audio and take photos without the knowledge of the user-warn experts from Bitdefender.

After zrootowaniu by vulnerability (CVE-2012-4220, CVE-2013-2596, CVE-2013-2597, CVE-2013-2595, CVE-2013-2094, CVE-2013-6282, CVE-2014-3153, CVE-2015-3636, CVE-2015-1805), Tizi steals sensitive information from popular social applications, such How to: Facebook, Twitter, WhatsApp, Viber, Skype, LinkedIn, and the Telegram.

Usually the first movement which executes the malware is sending SMS messages with GPS coordinates to the specified device number. Messages that control the software usually are carried out via an encrypted HTTPS protocol, though some versions Tizi using MQTT messaging between the server that is under the control of criminals, and the compromised device.

According to the report, Google, spyware was discovered in September by Google Play Protect. After deeper examination of the situation, it turned out that the origins of the Tizi date back to October year 2015 until.

How Android users can avoid surprises?

  • Check permissions: be careful especially for applications that require an unwarranted privilege. For example, application a flashlight should not ask for access to SMS messages.
  • Use the device lock: use your PIN code, pattern or keep your phone with your fingerprint, if such a possibility exists.
  • Update: do not delay with updates. The latest versions of the system usually improve what has been overlooked in an older version of Android.
  • Google Play Protect: make sure that Google Play Protect is enabled.

Unfortunately, security Android users depends on the main manufacturers of smartphones. If you do not make a firmware update, end customers do not have to count that in some magical way of vulnerabilities in the operating system załatają.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.