Google detects spy app stealing info from social media, phones
Team Udayavani, Nov 30, 2017, 9:31 AM IST
New Delhi: Google has detected an app ‘Tizi’, which has been stealing information from call records and also from social media apps like Facebook, WhatsApp, and also take pictures from mobile phones without even displaying them on screen of the device.
“Tizi is a fully featured backdoor that installs spyware to steal sensitive data from popular social media applications. The Google Play Protect security team discovered this family in September 2017 when device scans found an app with rooting capabilities that exploited old vulnerabilities,” a post on Google security blog said.
The company has removed the app from Play Store, notified all known affected devices and suspended account of the app developer, the post dated November 27 said. The post said that the earlier variant of Tizi did not have rooting capabilities but it developed later on and thereafter started stealing sensitive information from devices.
“The rooting capabilities give an app full control of the device. It can bypass all restrictions posed on it by Android security system. An app with rooting is like a user using the device. The presence of such app on Google Play Store raises concerns around secure apps on the app store,” cyber security expert Jiten Jain said.
The post said that after gaining rooting capability, Tizi steals sensitive data “from popular social media apps like Facebook, Twitter, WhatsApp, Viber, Skype, LinkedIn, and Telegram.” The backdoor capability of Tizi were common to commercial spyware, such as recording calls from WhatsApp, Viber, and Skype, sending and receiving SMS messages, and accessing calendar events, call log, contacts, photos, Wi-Fi encryption keys, and a list of all installed apps
“Tizi apps can also record ambient audio and take pictures without displaying the image on the device’s screen,” the post said. The post said that in and after April 2016 vulnerabilities in devices which could have been affected by Tizi were fixed with new software codes.
“If a Tizi app is unable to take control of a device because the vulnerabilities it tries to use are are all patched, it will still attempt to perform some actions through the high level of permissions it asks the user to grant to it, mainly around reading and sending SMS messages and monitoring, redirecting, and preventing outgoing phone calls,” the post said.
Reacting to the information, Microsoft spokesperson said, “The vulnerabilities referenced relate to Android and Linux. As the blog suggests, we advise customers who use Skype on these platforms to ensure their systems are up to date. Windows users are not affected”.
Udayavani is now on Telegram. Click here to join our channel and stay updated with the latest news.
Top News
Related Articles More
Make capability building process more efficient: Rajnath to IAF
Scripted video shared online falsely shows man dying during massage in salon
Cong attacks PM Modi as video shows BJP leader ‘distributing’ money to voters in Maharashtra
BJP accuses CPI(M), Cong of using Wayanad landslide for ‘political gains’
HC orders attachment of Himachal Bhawan after state govt fails to clear dues of power firm
MUST WATCH
Latest Additions
Make capability building process more efficient: Rajnath to IAF
Fire at electric vehicle showroom in Bengaluru; employee killed
Wine Merchants withdraw decision to halt liquor sales in Karnataka on Nov 20
Scripted video shared online falsely shows man dying during massage in salon
Cong attacks PM Modi as video shows BJP leader ‘distributing’ money to voters in Maharashtra
Thanks for visiting Udayavani
You seem to have an Ad Blocker on.
To continue reading, please turn it off or whitelist Udayavani.