A recently discovered Android malware variant has given Google a much-needed security victory.
Called Tizi, it’s a family of backdoor malware that specifically targets social media. Google picked up on it in September and has managed to “detect and investigate Tizi-infected apps and remove and block them from Android devices.”
The scale of the victory over Tizi is small, but it couldn’t come at a better time for Google. 2017 has brought a string of severe malware outbreaks to Android. Most of them simply waltzed past Google Play Protect, Google Play’s built-in anti-malware system, undetected—and that’s reason enough to make an Android user question their device’s security.
Tizi had the potential to be very serious, but Google said its threat analysis and Google Play Protect teams have killed it well before it became a widespread problem.
Using the malicious app the team discovered, they were able to discover that Tizi had been around since 2015 and that its developer even had a website and social media presence designed to trick people into downloading one of several Tizi apps that contained the malware.
Once installed, Tizi would gain root access and then steal information from social media apps. It could also send and receive SMS messages, record phone calls, access other apps like the calendar and photos, and retrieve system info like stored Wi-Fi keys. Perhaps most troubling, it could record and transmit ambient sound and take pictures without alerting the device owner.
If Tizi couldn’t gain root access, it would still request permissions from the device owner to allow it to function. Basically, it was a run-of-the-mill piece of backdoor Android malware, but this time Google caught it.
Submitted by: Arnfried Walbrecht