When we install apps on our smartphones, we expect them to do exactly what they are meant to and nothing more. Very often, however, that’s not the case, as Google itself admitted.
According to the security team of Google Play, a new family of Android malware was discovered in the app store, called Tizi. The malware was able to steal data from social media apps, while WhatsApp, Viber, and Skype were completely open to spying.
The malware was a backdoor that could root targeted Android devices, installing spyware without anyone knowing. The majority of the infections happened in Kenya, the report shows, but also Nigeria, Tanzania, and even the USA.
The discovery was made in September 2017 when the device scans revealed an app with rooting capabilities exploiting some old vulnerabilities in the system. They went from there and discovered more apps, some as old as from October 2015.
The company disabled apps infected with Tizi and notified affected users, while the developer’s accounts were suspended from the app market. What’s more curious is that they weren’t just pushing apps, they were also pushing ads via social media to encourage more installs.
The company discovered around 1,300 devices infected with Tizi, but it’s clear the campaign to gain more traction was in full force.
This is just yet another example why we should keep an eye on the apps we install, as well as the permissions we allow them to have once on our smartphones. As Google puts it, a flashlight app doesn’t need access to your texts or the ability to send SMS. Even with Google’s protections for the Play Store, some apps will fly below the radars, and they might infect users with one malware or another.
Unlike other types of malware, Tizi didn’t just try to steal information about the user that they could use in order to break into other accounts of theirs, or maybe their bank accounts. Tizi was a direct threat to people’s privacy, targeting their cyber secrets.
It’s true that by 2020 Gartner predicts most of our cyber secrets will be out in the open because we will be unable to keep them hidden anymore, but that doesn’t mean we have to quit trying. Quite the opposite – we need to do our best and protect our privacy as much as possible, whether we’re talking about the messages we send via WhatsApp, or the posts we like on Facebook, or the Telegram texts we receive. Tizi turned services we thought to be protected, such as end-to-end encrypted messaging tools, obsolete. Our conversations may not be able to be intercepted, but as long as we have spyware on our devices, where the data is not encrypted, our secrets are no longer secret.
So, the next time you install some app or another on your phone, make sure you check for permissions. While you’re at it, you can also update your device with the latest security patches. Make sure you have two-step authentication enabled on your Google account and any other account, for that matter, and make sure your device cannot be unlocked by others. As Google points out, you’re more likely to lose your smartphone, than install an infected app from the Play Store, but you need to make sure you’re protected from all sides either way.