Google Play is always full of surprise – whether it is a new convenient application, or tool which will deliver a spyware infection. Google still struggles in the fight against malicious apps in its Google Play store. You can tell this only by looking at the recent news article we wrote about this corporation.
One of the most recent news explained that a malicious Chrome extension “AdBlack Plus” was exterminated. In September, Google had to get rid of 50 applications because they distributed ExpensiveWall malware. In addition to this, Dvmap Trojan was detected in June.
Without any more examples provided, you should already get a clear picture of the situation. Hackers target Google Play Store, and they target it a lot. This time, a spyware called Tizi was transmitted with apps like “DailyWorkout”.
Tizi Android spyware mainly focused on African countries and drastically invaded victims’ privacy
The Google Play Protect group announced about a discovery of a new spyware example. For some time, it was distributed through Google Play Store, but not anymore. Security researchers noticed this threat in September of 2017, but Tizi spyware was actively-spreading since 2015. However, earlier samples of Tizi were not that evasive and complicated. The recent variants have high-tech rooting capabilities that allow spyware to keep tabs on infected phones at all times.
Take a look at a few functions of Tizi spyware:
1. Record random sounds around a phone through its microphone.
2. Steal information from social networking sites: Twitter, WhatsApp, Facebook, Telegram, Skype and a variety of others.
3. Record calls that are made through Skype, WhatsApp and Viber.
4. Take screenshots of the screen.
5. Can access and manage a lot of elements of your phone: contacts, events, Wifi and etc.
6. Can root devices through a number of flaws.
7. Can contact its creators’ server.
8. Can send/read SMS messages.
These disturbing traits should definitely intimidate you. Imagine the information hackers would be able to obtain through all of these features? Your name, credit card details, credentials, private conversations via phone and in real life, and a number of different valuable details.
It is surprising that the Tizi spyware remained in Google Play Store since 2015 and it was removed only in 2017. This incident is a yet another reminder to be extremely picky when it comes to Android applications.
Lastly, it appears that Tizi spyware did not intend to infect random people. Of course, basically anyone could have downloaded the app, but security researchers assume that targets were chosen specifically by hackers. The biggest amount of victims was in Kenya, Nigeria, Tanzania but affected the rest of the world as well. For instance, some victims were also determined to live in the USA.
Source: threatpost.com.