Google's Android team track, kill deadly Lipizzan malware in record time

Share

The spyware could also retrieve data from the likes of Gmail, LinkedIn, Messenger, Skype, Snapchat, Viber and WhatsApp.

Android is being targeted by a wave of malware designed by cyber arms companies that can evade the Google Play security processes by infecting devices in a two-stage process.

Threat researchers at Google found 20 Lipizzan apps - dressed up as seemingly harmless utilities - on the Google Play Store.

Named Lipizzan - after a breed of horse - the spy malware monitors and steals information about the target's emails, texts and other messages, exfiltrate information about contacts, listens in and records calls, can take screenshots and record audio and video and monitors the location of the user.

Google was able to find that these apps were distributed in a targeted fashion to around 100 phones.

Starbucks to close Teavana stores
Neither that venture nor Teavana – which focussed on tea rather than coffee - grew as fast as the company had hoped. Most locations of Teavana, which sells more than 100 varieties of tea, will be shut down by spring 2018.

It's 2017 and we have malware everywhere, even in places like the Google Play Store.

To entice users, the apps were given names like "data saver", "backup plus", "thunder backup", "note plus", and "device cleaner".

First stage discovered by Google Play Protect was being distributed via several avenues including that of Google Play.

Then, if it is given the all-clear, the second stage would root the device with known exploits and begin to exfiltrate device data to a command and control server.

The apps in question used spyware called Lipizzan, which the researchers said is connected to a "cyber arms company", known as Equus Technologies.

I wanted to launch Hawayein in the rain: Shah Rukh Khan
Shah Rukh said, "Salman Khan has a longer portion in Aanand L Rai's film as compared to my special appearance in " Tubelight ". Shah Rukh even joked about opening up the shed of the event's venue so that the rain could pour in on the audience.

The spyware was able to bypass Google's Bouncer security system by splitting into two stages. "The apps changed from "backup" apps to looking like a "cleaner", "notepad", "sound recorder", and "alarm manager" app", the researchers said. According to the company's findings, fewer than 100 devices had the malicious apps installed on their devices.

Google has promised that it will continue to improve its security check with latest detection tools and patches to block any malevolent apps try to infiltrate the Android ecosystem.

Spyware able to record calls, take screen shots, and extract users' email and text messages has been expelled from 20 Android apps and removed from almost 100 devices.

Therefore, Google has enhanced its capabilities to detect spyware with Play Protect, as it lays out steps to take to protect users. Google claimed that would make the infection rate only 0.000007 percent. In a statement released by Google, it has initially blocked the reported apps, but they still returned to the Play Store having some changes made.

Germany to oppose new United States sanctions on Russian Federation
An economic sanctions bill is heading to the president's desk - and it could put President Trump in a tight spot. After sanctions were approved this week by a 419-3 vote in the House, the Senate quickly followed suit.

Share