Google discovered new Spyware on Android called Tizi
Recently, Google's security team discovered a new malware on Android called Tizi and mainly targeted users in African countries.
Tizi is a type of spyware (spyware) that performs many activities but mainly focuses on social networking applications.
According to security engineers of the Google Threat Analysis Group and Google Play Protect, Tizi can be used for the following purposes:
- Steal data from social networking applications like Facebook, Twitter, WhatsApp, Viber, Skype, LinkedIn and Telegram.
- Record calls from WhatsApp, Viber and Skype.
- Record sound around the microphone.
- Silently take screenshots without informing users.
- Send and block SMS messages on infected devices.
- Access to contacts, calendar, call log, photo library, Wi-Fi encryption and applications installed locally on the device.
- When first infecting users, the software sends the device's GPS coordinates to the C&C server via SMS.
- An attacker often makes subsequent communications with the C&C server via HTTPS or in some isolated cases via MQTT.
- Can root devices through the following vulnerabilities: CVE-2012-4220, CVE-2013-2596, CVE-2013-2597, CVE-2013-2595, CVE-2013-2094, CVE-2013-6282, CVE -2014-3153, CVE-2015-3636, CVE-2015-1805.
Google engineers said they discovered Tizi spyware in September 2017 through Google Play Protect - Android application security scanning application on Google Play Store.
After investigating older versions of the Play Store app, the researchers found that many applications were attacked by Tizi since October 2015.
Google said it suspended the app's developer account, then used Google Play Store to uninstall Tizi applications on infected devices.
According to the Google data collected, most of those infected users are located in African countries, although it is unclear whether the distributor Tizi is in Africa.
Google also said that Tizi spyware is based on vulnerabilities that only work on older Android devices because new versions often have a higher security layer.
In addition, Google suggests the following steps to protect your Android device from malware:
- Check permissions: Be careful with applications that require unreasonable access. For example: Flashlight application will not need access to send SMS.
- Turn on the security lock screen: Select your easy-to-remember PIN, drawing or password, but hard to guess for others.
- Device update: Update devices regularly to own the latest security patches.
- Using Google Play Protect: Make sure you have activated the Google Play Protect application.
See also: Google Play Protect - a useful feature to help protect Android devices
You should read it
- It took three years for Google to discover this dangerous Spyware on Android
- How to check for spyware on Android devices
- New malware detection has terrible spy capabilities never seen on Android
- Many Android users discover that their phones have spyware installed after traveling to China
- Google said Android is now as secure as Apple's iOS
- Detect more than 1,000 spy applications on Android App Stores
- The dangers of spyware on iPhone
- Viruses transmitted from smartphones to computers appear in Vietnam
- Sneaking malware on the Internet
- 8 indications that the computer is infected with spyware
- Anti-spy expert
- NoAdware v4.0: free from spyware infection!
Maybe you are interested
How to Share Your Exact Location with Google Plus Codes
How to change the default font in Google Docs - Use the font of choice
Manifest V3 rollout to remove Google extensions is being pushed
More than 200 apps containing malicious code were discovered and downloaded millions of times on the Google Play Store.
How to Use Google Drive with Android File Manager
Kaspersky antivirus software suddenly disappears from Google Play Store