Smartphones have changed our lives for the better. We’re now able to accomplish so many important functions on the go that used to be confined to a desktop computer. Banking transactions, booking vacations and sending business emails to name a few.
So much of our personal data files are stored on these handy gadgets, it’s horrifying to think about a cybercriminal breaking into them. Unfortunately, a Trojan was recently discovered that allows cybercriminals to do just that.
How cybercriminals are stealing critical data
A form of malware that attacks Android gadgets was recently discovered by researchers at Palo Alto Networks. Although this malware was just discovered, it’s actually been infecting gadgets for almost two years. It’s being dubbed SpyDealer and is a threat to all Android devices, but those running older operating systems (OS) are at extreme risk.
What’s happening is, SpyDealer steals critical data from infected Android gadgets. It gets information from popular apps including Facebook, Skype and WhatsApp. You don’t need to delete these popular apps, they’re not actually the problem. It’s the malware that you need to worry about.
SpyDealer heists victims’ phone numbers, messages, contact information, call history and connected Wi-Fi data. Android users running operating system versions between 2.2 and 4.4 are susceptible to an even worse attack.
The cybercriminal has the capability to root these victims’ gadgets, meaning these users not only have personal information stolen but the attacker can also take control of the device. The scammer can record phone calls, take pictures and videos with the infected device, take screenshots and even monitor the victims’ location.
Those Android OS versions were released between May 2010 and late 2013. Even though they’re older operating systems, it’s estimated that nearly 25 percent of all Android gadgets worldwide are still running them. That means around 500 million Android users are at extreme risk. Yikes!
The way SpyDealer is infecting Android devices is still being investigated. However, it’s thought that the malware is being installed on unprotected gadgets that connect to compromised public Wi-Fi networks.
If you connect to a public Wi-Fi, it’s good practice to use a VPN.
What you need to do
Your first line of defense is to have strong security software installed on your gadget. This is your best chance of keeping malware off your device.
Also, if you are running one of the older Android operating systems, you should not connect to a public Wi-Fi network. Just leave Wi-Fi turned off when in public, this might help keep hackers from taking over your phone, but it’s not 100 percent guaranteed. You probably should look into upgrading to a newer gadget that runs the latest OS.
If your gadget is running a newer OS, it’s important that you check for system updates. Android typically updates the operating system automatically, but you can look for updates before that occurs.
To check for updates: open Settings >> tap About phone >> tap System updates >> tap Check for updates. If there is one available it will download automatically, you just need to restart the device for it to install.
There are over 40 apps that are having information stolen by SpyDealer. To see the list of impacted apps go to the next page.
(Note: Some of the affected apps are only available in China, so we left those off our list.)
Here are some of the known apps affected by SpyDealer:
- Android Native Browser
- Firefox Browser
- Sina Weibo
- Tencent Weibo
- QQ Mail
- NetEase Mail
- Baidu Net Disk
- icq video calls & chat
- KeeChat Messanger
- ooVoo Video Call, Text & Voice
- TalkBox Voice Messenger
- Voxer Walkie Talkie Messenger
- Zello PTT Walkie Talkie
- Oupeng Browser
- Baidu Browser
- Lenovo Browser
- Qihoo Browser
- Tencent QQ Browser
- 189 Mail
- 139 Mail
- Smart Shopping List – Listonic
- Kuaidi Taxi