Welcome, Guest: Join Nairaland / LOGIN! / Trending / Recent / New
Stats: 2,657,696 members, 6,238,142 topics. Date: Monday, 12 April 2021 at 07:39 AM

Google Detects Dangerous Spyware Apps On Android Play Store - Science/Technology - Nairaland

Nairaland Forum / Science/Technology / Google Detects Dangerous Spyware Apps On Android Play Store (458 Views)

Are Anacondas As Dangerous As Shown In The Movie "Anaconda?" (Photos) / Cassowary: How The World's Most Dangerous Bird Got Its Unique Feathers / Africa’s Sahara ‘Most Dangerous Place On Earth’ 100 Million Years Ago (Photo) (2) (3) (4)

(1) (Reply)

Google Detects Dangerous Spyware Apps On Android Play Store by DrCybersecurity: 5:23pm On Jul 27, 2017
Security researchers at Google have discovered a new family of deceptive Android spyware that can steal a whole lot of information on users, including text messages, emails, voice calls, photos, location data, and other files, and spy on them.
Dubbed Lipizzan, the Android spyware appears to be developed by Equus Technologies, an Israeli startup that Google referred to as a 'cyber arms' seller in a blog post published Wednesday.
With the help of Google Play Protect, the Android security team has found Lipizzan spyware on at least 20 apps in Play Store, which infected fewer than 100 Android smartphones in total.


Google has quickly blocked and removed all of those Lipizzan apps and the developers from its Android ecosystem, and Google Play Protect has notified all affected victims.
For those unaware, Google Play Protect is part of the Google Play Store app and uses machine learning and app usage analysis to weed out the dangerous and malicious apps.

Lipizzan: Sophisticated Multi-Stage Spyware
According to the Google, Lipizzan is a sophisticated multi-stage spyware tool that gains full access to a target Android device in two steps.
In the first stage, attackers distribute Lipizzan by typically impersonating it as an innocuous-looking legitimate app such as "Backup" or "Cleaner" through various Android app stores, including the official Play store.
Once installed, Lipizzan automatically downloads the second stage, which is a "license verification" to survey the infected device to ensure the device is unable to detect the second stage.
After completing the verification, the second stage malware would root the infected device with known Android exploits. Once rooted, the spyware starts exfiltrating device data and sending it back to a remote Command and Control server controlled by the attackers.

Lipizzan Also Gathers Data from Other Popular Apps
The spyware has the ability to monitor and steal victim's email, SMS messages, screenshots, photos, voice calls, contacts, application-specific data, location and device information.
Lipizzan can also gather data from specific apps, undermining their encryption, which includes WhatsApp, Snapchat, Viber, Telegram, Facebook Messenger, LinkedIn, Gmail, Skype, Hangouts, and KakaoTalk.


There's very few information about Equus Technologies (which is believed to have been behind Lipizzan) available on the Internet. The description of the company's LinkedIn account reads:
"Equus Technologies is a privately held company specialising in the development of tailor made innovative solutions for law enforcement, intelligence agencies, and national security organisations."

Earlier this year, Google found and blocked a dangerous Android spyware, called Chrysaor, allegedly developed by NSO Group, which was being used in targeted attacks against activists and journalists in Israel, Georgia, Turkey, Mexico, the UAE and other countries.

NSO Group Technologies is the same Israeli surveillance firm that built the Pegasus iOS spyware initially detected in targeted attacks against human rights activists in the United Arab Emirates (UAE) last year.


How to Protect your Android device from Hackers?
Android users are strongly recommended to follow these simple steps in order to protect themselves:

Ensure that you have already opted into Google Play Protect.
Download and install apps only from the official Play Store.
Enable 'verify apps' feature from settings.
Protect their devices with pin or password lock.
Keep "unknown sources" disabled while not using it.
Keep your device always up-to-date with the latest security patches.

By Swati Khandelwal
Technical Writer, Security Blogger and IT Analyst. She is a Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.
Source: http://thehackernews.com/2017/07/lipizzan-android-spyware.html

cc: Seun, Lalasticlala, Mynd44


Please note that, I (DrCybersecurity) dont own a blog, but I am only here to share cybersecurity news, via various cyber e-news outlet.

Re: Google Detects Dangerous Spyware Apps On Android Play Store by DrCybersecurity: 12:27pm On Jul 28, 2017
Lalasticlala, Mynd44 come and notify people about these Spyware applications cry cry

(1) (Reply)

The South Korean Military Is Developing A New Weapon To Aid Fight North Korean / SHOCKING: Facebook Asks Users To Send Nude Pictures / BEATSPILL BY DR. DRE NOW ON SPECIAL PRICE THIS DECEMBER. (pics)

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2021 Oluwaseun Osewa. All rights reserved. See How To Advertise. 42
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.