Android smartphone users are being warned about a new form of spyware that can secretly record their every move.
The new strain of android spyware, dubbed Triout, was uncovered by security researchers at Bitdefender and has the ability to take photos and videos, record phone calls, log text messages and keep track of a victim’s location.
The spyware works quietly in the background, and without the victim’s knowledge, it relays the sensitive information back to an attacker-controlled command and control server.
The spyware has been active since May last year and appears to be bundled with a repackaged version of an android app called “Sex Game”. The original version of this app was available on the Google Play Store but has since been removed.
It’s unclear just how the malicious app has been distributed, or how many times it’s been installed, but researchers believe it’s being delivered to victims by third party marketplaces or attacker-controlled domains.
The Spyware appears to be part of a more targeted and sophisticated espionage campaign and has extensive surveillance capabilities which can:
- record every call taking place on the phone
- upload recorded phone calls to a remote server
- steal call log data
- steal SMS messages
- send GPS coordinates to a remote server
- upload all pictures to a remote server
- hide from the user's view
Researchers from Bitdefender commented on the new spyware: “Since smartphones have become an integral part of our personal and business lives, imbuing them with surveillance and data exfiltration capabilities caused by malware can jeopardize users’ privacy and expose them to data theft and cyberespionage.
“The capabilities of Android malware are similar in complexity and surveillance capabilities to PC malware. From enabling remote microphone access to full camera control or access to all on-device data, Android malware can be stealthy, highly targeted, and extremely versatile.”
It can be tempting to download apps from third party sites, however this puts us at a great risk of our devices being hacked or infected with malware. To reduce the chance of your phone being infected with spyware, there are a number of preventative measures you can take:
Buying apps from trustworthy sources reduces the chance of your device being hacked or infected with malware. To check the authenticity of a source you can check the full name, list of published apps and contact details in the app description within the Google Play or Apple app store.
Permissions are used by apps to access specific functions and data within the device. If an app has a long list of permissions that are unnecessary to the functioning of an app this should act as a red flag and raise suspicions about the intent of its use. The fewer permissions an app requests, the more likely it is to be safe.
Take some time to research the developer of the app. Most app stores will include a link to the developer’s web page and this will give you a good idea if they are a reputable source.
One of the most important ways to protect against malware is to regularly update your phone’s software. Malicious apps will often take advantage of older versions of browsers therefore it’s vital that the latest software update is installed.
If you're looking to start a phishing awareness campaign or would like more information on how to protect yourself online, contact us to find out how we can help.