Android Malware Could Access Your Pictures And Calls

August 31, 2018

Written by wukovits

android malware could access your pictures and callsAndroid users have a new threat to contend with, according to a sixteen-page whitepaper outlining a new malware strain.

The paper was published by a group of security researchers working for Bitdefender. They identified a robust new strain of malware called “Triout.”

According to the report, although they just discovered the malware a month ago, there are indications that it has been in use since at least mid-May of this year.

Among other things, it can:

  • Steal call log data
  • Collect and steal SMS messages
  • Record every call taking place on the phone
  • Upload recordings of those calls to a remote server
  • Send the phone’s GPS coordinates to a remote server
  • Upload a copy of every picture taken with the phone’s camera to a remote server
  • Hide from the user’s view

These are robust, highly advanced features that require extensive, detailed knowledge of the Android OS.  Typically, malware of this type is used by nation-state hackers with deep pockets, or by well-heeled networks of cybercriminals.  At this point, there’s no clear indication which category Triout’s creators fall into.

The malware strain has been found masquerading as a legitimate app, but the team has been unable to trace it back to its source of origin.  At this point, there’s no clear indication where it’s coming from.  The first sample was uploaded to VirusTotal from Russia, but subsequent samples were uploaded from an Israeli IP address.

The researchers note that despite its advanced feature set, the group responsible appears to have made a mistake:

“What is striking…is that it’s completely unobfuscated, meaning that simply by unpacking the cloned app’s .apk file, full access to the source code becomes available….this could suggest that the Triout framework may be a work-in-progress, with developers testing features and compatibility with devices.”

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Key Considerations for Effective Cybersecurity Implementation

Consider this: In the realm of cybersecurity, things often get tangled in the web of "you should do it anyway" arguments. Yet, for busy business owners bombarded with daily "must-dos," deciphering the essentials from the fluff can feel like a cyber maze. We aim to...

Unlocking Small Business Success: The Impact of AI in a Digital Era

In the rapidly evolving business landscape, staying competitive necessitates embracing technological advancements. Artificial Intelligence (AI), once perceived as a luxury for larger enterprises, is now accessible to small businesses, offering new opportunities for...