Backdoor App Virus Called “Tizi”
A newly discovered backdoor that has managed to infect over one thousand Android devices was designed to steal sensitive data from popular social media applications, Google reveals.
Dubbed Tizi, the malware comes with rooting capabilities and has been already used in a series of targeted attacks against victims in African countries such as Kenya, Nigeria, and Tanzania. Discovered by the Google Play Protect team in September 2017, the backdoor appears to have been in use since October 2015.
A fully featured backdoor, Tizi installs spyware that allows it to steal sensitive data from the targeted applications, Google says. The malware family attempts to exploit old vulnerabilities to gain root access on the infected Android devices, and its developer also uses a website and social media to lure users into installing more apps from Google Play and third-party websites.
The Android spyware can steal sensitive data from social media apps like Facebook, Twitter, WhatsApp, Viber, Skype, LinkedIn, and Telegram. Tizi can also record calls from WhatsApp, Viber, and Skype. It can also access photos, contacts, call logs, calendar events, Wi-Fi encryption keys, and a list of all installed apps.
Here are some precautions that you should do to ensure that you are protected from this vulnerability.
- Where You Get APPs: Never download APPs from 3rd Party locations. Utilize Google Play
- Up-to-date: Always ensure your operating system is up-to-date and these will have should also include the latest security patches
- Suspicious APPs: One of the best defenses against malware is to notice things like suspicious apps with outrageous promises, bad reviews, and sketchy app permissions
- Settings: Google includes numerous settings in the Android operating system that can prevent malicious attacks. Devices running Android 2.2 or higher, which essentially means nearly all Android devices, have access to Google’s malware scanner. Prior to installing an application you downloaded outside of the Play store, Google will scan the app and warn you of any potential threats. This feature is enabled by default and can be accessed in the Google Settings app in your device’s app drawer. Alternatively, devices running Android 4.2 or higher can access the feature by going to Settings, clicking on Security, and scrolling down to Verify apps.
- Antivirus Apps: The Google Play store is also home to hundreds of antivirus apps that can offer an extra layer of protection. Finding the right one, however, can sometimes be difficult. A simple “antivirus” search in the store yields more than 250 results. So which one should you choose? Companies like Avast, AVG, BitDefender, Kaspersky, Sophos, Symantec (Norton), and TrendMicro have long and established histories as some of the most trusted brands in the industry.
Latest posts by Craig Hodgkins CTO (see all)