Leave a comment

Two-stage spyware attacks triggered by malicious apps

Two-stage spyware attacks triggered by malicious apps
© Fizkes | Dreamstime

Cybercriminals are constantly finding new ways to rip us off. Once one scheme gets shut down, the attacker tweaks it just a little and starts the cycle all over again.

That's what's happening now in the battle against malicious apps. The latest batch is the scariest ever discovered.

Why recently discovered malicious apps are most devious ever

Google's security team recently discovered a family of malicious Android apps that actually made their way into its Play Store. The apps contain spyware dubbed Lipizzan. Its code has references to the cyber arms company, Equus Technologies.

What makes this spyware so nasty is the amount of data it can steal. Lipizzan is multi-stage spyware that can steal a user's SMS (text) messages, emails, voice calls, critical files and photos. It can even tell the cybercriminal your physical location at all times. Yikes!

Google's researchers found 20 Lipizzan apps that targeted a limited number of devices. They have all since been removed from the Play Store.

Here is a list of the malicious apps' package names:

  1. com.safe.datasaver
  2. com.and.goldbackup
  3. com.star.backupstar
  4. com.veramon.backupit
  5. com.copanga.backupplus
  6. com.app.thunderbackup
  7. com.kopos.nowbackup
  8. com.appnow.backupdroid
  9. com.apptimus.androidbackuppro
  10. com.app.backupfast
  11. com.app.instantbackup
  12. com.sd.sdbackup
  13. com.app.procleaner
  14. com.app.alarmmanager
  15. com.app.soundrecorder
  16. com.mem.notesplus
  17. com.app.processcleaner
  18. com.kobm.devicecleaner
  19. com.yonni.deviceoptimizer
  20. com.haima.ultracleaner

As you can see by the list, most of the malicious apps were impostors that were supposedly data saver apps or device cleaners. As I said earlier, these apps have been removed from the Play Store. However, the cybercriminals will most likely make some tweaks and start spreading the spyware through new apps in the near feature.

That's why you need to be prepared. Keep reading for some suggestions from Google.

How to stay protected from malicious apps

In the never ending battle against scammers, Google is asking Android users to follow these steps:

  • Opt in to Google Play Protect - It is designed to work in the background, protecting users from malicious apps in real time. Click here to learn more about it and how to opt in.
  • Only download apps from the Google Play Store - Even though these apps made it into the Play Store, it does have a more thorough screening process for apps. This cuts down on the chances a malicious app makes it in. Third-party app stores don't have these screening processes.
  • Keep "unknown sources" disabled while not using it.
  • Make sure your gadget is updated with the most recent Android security update.

If you do think that your Android device has been infected with a virus, don't worry, we've got you covered. Click here to find out how to detect and remove a virus on your Android gadget.

More stories you can't miss:

Common security risks every smartphone user should know about

One essential step to prevent identity theft

Scary mobile wireless flaw lets hackers track your cellphone's location

Next Story
Source: Wired
Adobe Flash getting the boot! Is this good or bad for consumers?
Previous Happening Now

Adobe Flash getting the boot! Is this good or bad for consumers?

A briefcase-sized weapon that can destroy any computer network
Next Happening Now

A briefcase-sized weapon that can destroy any computer network

View Comments ()