Google Play apps were stealing texts and secretly recording calls

Google Uncovers Highly Targeted Spyware

All the apps had unassuming names like "Cleaner", "Backup", or "Sound Recorder" Google said.

Google Play Protect detected Lipizzan in 20 different apps that had been distributed in a targeted fashion to fewer than 100 devices.

The malware, dubbed Lipizzan, includes references in its code to Israeli start-up Equus Technologies, which claims on a sparse LinkedIn page to develop "tailor made innovative solutions for law enforcement, intelligence agencies, and national security organizations".

Google recently took down 20 professionally developed malicious Android apps that were capable of spying on a target's location and messages.

"Upon installation, Lipizzan would download and load a second "license verification" stage, which would survey the infected device and validate certain abort criteria".

If the device gets the green light the malware will root it with known exploits and exfiltrate data to a C&C server, Google explained.

Antonio Conte questions Tottenham's Premier League title ambitions
Conte praised Tottenham's progress but stressed it was easier for them to develop talent due to their lower expectations. But Conte , who led Chelsea to the title last season, added: "If [Spurs] don't win the title, it's not a tragedy".

In that second stage, it could take screenshots and photos, steal user data on contacts and files, record calls, monitor location, and even record from the device microphone.

The data collected was able to be accessed from apps including Gmail, Hangouts, LinkedIn, Skype, and Snapchat, as well as collecting messages sent and received by Whatsapp, Telegram, and Viber, which encrypt data in an attempt to make it hard for attackers to intercept messages while their are travelling to their destination.

The spyware was able to bypass Google's Bouncer security system by splitting into two stages.

Google blocked the first set of Lipizzan apps, but even then new versions were uploaded within a week of the takedown; this time created to look like apps including notepads, sound recorders and alarm managers. The new apps were uploaded within a week of the takedown, showing that the authors have a method of easily changing the branding of the implant apps. It had caught hold of one such malware and dealt with it before it could cause major havoc and as a subsequent result has also launched the Google Play protect security feature to insulate users from any such nasty malwares.

Back in April, researchers at Google discovered an Android malware, called Chrysaor, that could give an attacker remote control of the infected device.

The availability of multiple app stores to Android users, and the less stringent app review process, have contributed to the rise in malware in Google's mobile ecosystem.

Related News:



Most liked

The Sims 4 Will Be Releasing On Console In November
It comes with additional hot tubs and a number of outdoor decor items for creating an oasis in your back garden. EA has also promised regular game updates following the console release, too.

British Airways Owner IAG Posts 45% Jump in Quarterly Earnings
IAG's share price has been volatile this morning, having lost 0.67 percent to 590.00p as of 10:31 BST, after surging more than 0.7 percent earlier in the session.

Republican lawmakers rally around Sessions as Trump intensifies pressure
Dianne Feinstein, Calif., the ranking Democrat of the Senate Judiciary Committee, said, "What's happening is just bad ". John McCain, R-Ariz., wondered "How we can stop the president from firing the people he appointed I don't know".

Bad future performance Ahead?: American Airlines Group Inc. (AAL)
The sale was disclosed in a document filed with the Securities & Exchange Commission, which is available through this hyperlink . This change led market cap to move at $25.34B, putting the price -6.37% below the 52-week high and 54.58% above the 52-week low.

Driver turns Ferrari into fireball in 60 minutes
The high-performance Ferrari 430 Scuderia was reduced to a twisted wreck after the horror crash on the M1 motorway. In a statement on Facebook, police said they asked the driver what kind of vehicle he had.

For Namaz, Nitish Kumar Cuts Trust Vote Speech To 12 Minutes
Only last week, India's Central Bureau of Investigation had conducted raids at the premises of Lalu and Misa in Delhi and Patna . Everything will now depend on the number of mistakes that Prime Minister Narendra Modi and BJP make in the next two years.

Paulo Dybala: 'I'm happy at Juventus'
But the Italian side couldn't claim the trophy, beaten 4-1 by Real Madrid in the Cardiff final in early June. First, you find out the first official confirmation that Neymar is moving to Paris Saint-Germain .

Dortmund allow Merino to discuss transfer as Newcastle move nears
Newcastle manager Rafa Benitez added: "Mikel is a midfielder with talent, an U21 global for Spain ". The 21-year-old only joined the German outfit last year, arriving from Osasuna for a €3.85m fee.

Elon Musk's SpaceX valued at $21 billion
The general consensus has been that space exploration is too risky and rocket building too expensive for the private sector. SpaceX has made ten space missions to the ISS under the NASA's space cargo resupply contract.

Samsung Pay might be heading to non-Samsung phones
The favourable reception of Samsung's Galaxy S8 and S8 Plus has indeed translated into good n terms of sales and profits . The most impressive fact is that Samsung's mobile division estimated for 29 percent of the company's profits this year.

Shania Twain Shines in New 'Life's About to Get Good' Video
The album is the long-awaited follow-up to 2002's Up! " Life's About to Get Good " makes you believe every word from the singer. He "really loved this one particularly, he responded so enthusiastically to it", she tells Taste of Country Nights .

Trump dines with Sean Hannity, former Fox executive Bill Shine and Scaramucci
But let me tell you about myself. "If he's gonna be that divisive, I'm not sure he's gonna be very useful to the President". It's worth noting that there was in fact no leak behind Politico's publishing of Mr Scaramucci's financial disclosure form.

Twitter, Inc. (TWTR) Rating Reiterated by Cowen and Company
The sale was disclosed in a document filed with the Securities & Exchange Commission, which is accessible through this link . Canaccord Genuity reissued a "hold" rating and set a $15.00 target price on shares of Twitter in a research note on Monday.

Inder Kumar, Salman Khan's 'Wanted' Co-Star, Dies At 43
In his whole career, Inder Kumar had worked in 21 movies and now was working for a movie too. The cremation is scheduled to be held at Yaari Road, Shamshaan Bhoomi on Friday at 6 pm.

Juniper Networks, Inc. (NYSE:JNPR) Technical Analysis and Chart Patterns
Over the last five days, shares have faced -4.46% losses and now is up 0.78% since hitting its 200-day moving average of $28.53. Acrospire Investment Management LLC increased its stake in shares of Juniper Networks by 837.8% in the first quarter.