Google security experts discovered a new dangerous type of Android spyware, named Tizi. This malware has been used to target users in African countries.
Google’s security researchers say that Tizi is a sphiscated malware which can perform various operations, but primarly focuses on social media applications.
Tizi spyware can be used for the following malicious purposes:
- Can steal data from popular social media apps including Facebook, Twitter, WhatsApp, Viber, Skype, LinkedIn, and Telegram.
- Can record audio through the smartphone’s microphone.
- Can record calls from WhatsApp, Viber, and Skype.
- Can access contacts, calendar events, call logs, photos and Wi-Fi encryption keys.
- Can send and intercept SMS messages.
- Can send the device’s GPS coordinates via SMS to a C&C server.
- Can take pictures of the infected device’s screen.
The Tizi spyware was discovered in September 2017, when Google Play Protect security scan system has spotted a Tizi-infected application that was installed on a victim’s device through the Google Play Store.
After analyzing older versions of apps uploaded to the Google Play Store, security experts discovered a few more Tizi-infected apps uploaded in 2015 and 2016.
Google suspended the infected app’s developer account and then used the Google Play Store to remotely remove the Tizi apps from infected devices.
Most infected devices were located in African countries, however it’s still unclear if Tizi’s operators were located in Africa as well.
Google engineers say the Tizi’s functionality was based on old exploits that only work on older unpatched Android devices.
How to Protect Android Against Malware?
1. Keep your device up-to-date with the latest Android patches.
2. Enable Google Play Protect option.
3. Be cautious with apps that request unreasonable permissions on your device.