Knowing is Owning

Friday, 28 July 2017

Google Play Apps with Malware capable of Controlling Your Android Device

In a security blog post, Google says it had discovered the new batch of apps, known as Lipizzan, while investigating another spyware Chrysaor. They say there's evidence the code contains references to cyber arms company Equus Technologies.
These Apps found in it's Playstore, are so refined, and is a two stage tool that imitate apps that sounded safe such as 'backup' or 'cleaner.' Once downloaded and installed, a 'license verification' stage would survey and exploit known vulnerabilities to 'root' devices that were running older versions of Android. This allowed the code to bypass security protections that had been built into the operating system.
Andrew Blaich, a security researcher at Lookout, told The Register this week at the Black Hat conference in Las Vegas. “We’re guessing that the malware was designed to target older versions of Android that are no longer being patched and which are more common in developing countries."

The apps were capable of secretly carrying out tasks like call recording, VOIP recording, recording from the device microphone, location monitoring, taking screenshots, taking photos with the device cameras, fetching device information and files and other user information like contacts, call logs, SMS, and application specific data.

The data collected was able to be accessed from apps including Gmail, Hangouts, LinkedIn, Skype, and Snapchat, as well as collecting messages sent and received by Whatsapp, Telegram, and Viber, which encrypt data in an attempt to make it difficult for attackers to intercept messages while their are travelling to their destination.

Read: Be Internet Awesome by google-To protect kids from scams, predators and other trouble online

Google has blocked the developers and the apps from the Android ecosystem and Google Play Protect has removed the apps from the affected devices.

The company suggests Android users protect themselves from similar spyware infections by ensuring they're opted in to Google Play Protect, avoiding third-party app stores, keeping unknown sources disabled while not using the device and keeping the device patched with the latest security updates.

0 Comment (s):

Post a Comment

Contact Form


Email *

Message *

privacy policy | Sitemap Copyright © Digitalbog | Powered by Blogger