- Apr 21, 2016
- 4,374
A new form of Android malware has been spotted online, with some 25 percent of devices running Google’s mobile operating system said to be fully exposed.
SpyDealer is a Trojan detected by the researchers over at Palo Alto Networks, who revealed that once an Android device is infected, a hacker can do basically anything he wants, including spying on users and stealing personal data and from apps like Facebook, Skype, and WhatsApp.
While it’s not yet clear how it manages to infect a device, security experts say SpyDealer is certainly not bundled into Google Play Store apps, so there’s a good chance it’s injected in other popular apps available in third-party stores.
Stealing data from infected Android phones
Once it compromises a device, SpyDealer attempts to gain root privileges with exploits in an app called Baidu Easy Root, which could basically provide attackers with full control. The Trojan supports remote controlling via UDP, TCP, and SMS, and can steal data from a wide variety of applications, including here WhatsApp, Facebook, Skype, Telegram, Firefox, and others.
But that’s not all. SpyDealer can also extract personal information from the compromised Android device, including SMS conversations, phone numbers, accounts, call history, and even location. Attackers with remote control over the device can also take photos with the camera, record phone calls, take screenshots, and even listen to what’s happening near the phone.
Read more: New Android Malware Lets Hackers Spy on Users, Steal Their Data
SpyDealer is a Trojan detected by the researchers over at Palo Alto Networks, who revealed that once an Android device is infected, a hacker can do basically anything he wants, including spying on users and stealing personal data and from apps like Facebook, Skype, and WhatsApp.
While it’s not yet clear how it manages to infect a device, security experts say SpyDealer is certainly not bundled into Google Play Store apps, so there’s a good chance it’s injected in other popular apps available in third-party stores.
Stealing data from infected Android phones
Once it compromises a device, SpyDealer attempts to gain root privileges with exploits in an app called Baidu Easy Root, which could basically provide attackers with full control. The Trojan supports remote controlling via UDP, TCP, and SMS, and can steal data from a wide variety of applications, including here WhatsApp, Facebook, Skype, Telegram, Firefox, and others.
But that’s not all. SpyDealer can also extract personal information from the compromised Android device, including SMS conversations, phone numbers, accounts, call history, and even location. Attackers with remote control over the device can also take photos with the camera, record phone calls, take screenshots, and even listen to what’s happening near the phone.
Read more: New Android Malware Lets Hackers Spy on Users, Steal Their Data
