Google has detected a family of Android malware, known as Tizi, that is able to steal sensitive data from popular social media apps such as Facebook, LinkedIn, Skype, Telegram, Twitter, Viber, and WhatsApp.
In a blog post, Google security engineers described Tizi as a fully featured backdoor that installs spyware with some rooting capabilities. The blog noted that Tizi was used in a targeted attack against devices in certain African countries, specifically: Kenya, Nigeria, and Tanzania.
If the malware gains root in a device, it simplifies and strengthens the task of infiltrating apps. The backdoor malware contains various capabilities common to spyware, such as: recording calls from WhatsApp, Viber, and Skype; sending and receiving SMS messages; and accessing calendar events, call logs, contacts, photos, WiFi encryption keys, and a list of all installed apps.
In addition, Tizi apps can record ambient audio and take pictures without displaying the image on the device’s screen.
Most of the vulnerabilities target older chipsets, devices, and Android versions. Google reports that it has fixed all of the listed vulnerabilities.
However, if a Tizi app is unable to take control of a device because the vulnerabilities it tries to use are all patched, it will still attempt to perform some actions through the high level of permissions it asks the user to grant to it, mainly around reading and sending SMS messages, and monitoring, redirecting, and preventing outgoing phone calls.
What You Can Do
To reduce the chance of your device being affected by malware and other threats, Google recommend these basic steps:
Ensure Google Play Protect is enabled: Google Play Protect is on by default, but you can turn it off. Google recommends that you always keep Google Play Protect on.
Check permissions: Be cautious with apps that request unreasonable permissions. For example, a flashlight app shouldn’t need access to send SMS messages.
Enable a secure lock screen: Pick a PIN, pattern, or password that is easy for you to remember and hard for others to guess.
Update your device: Keep your device up-to-date with the latest security patches. As Tizi exploited older and publicly known security vulnerabilities, devices that have up-to-date security patches are less exposed to attacks from Tizi.
Locate your device: Practice finding your device, because you are far more likely to lose your device than install a potentially harmful application.
To ensure maximum safety for your Android device and everything on it, install antivirus software.
Posted From VIPRE