New Android Malware Logs User Activities to Sell to Hackers

The convenience of mobile apps allows us to do everything from depositing checks to playing Cards Against Humanity with someone halfway around the world from us. Because of the demand for mobile apps, scammers are cashing in creating many that contain Android malware.

Meet Triout the Malware Big Brother

Security researchers at Bitdefender uncovered new Android malware they named Triout. Once Triout takes root in your device, it can log your calls, location data, text messages, and even intercept your pictures and videos. Once it snatches this information, it can send everything to hackers.

What makes this Android malware unique is its deployment. Developers embedded this malware in an app called Sex Game. ZDNet reports Google removed the app from its marketplace but it’s still available via third-party marketplaces and even worse, it contains an authentic Google Debug Certificate, so on the surface, the app appears legit.

The spyware is all-encompassing once it takes hold of your device. ZDNet found the malware will record every phone call you make then save it as a media file. Delving further, it also found the malware can send all details of the call, including the audio and caller ID of the person you spoke with, to hackers.

Furthermore, anytime you take a picture on a hacked device, the Android malware sends the picture immediately to the hackers. The hackers also have the ability to receive the GPS coordinates for where you took the picture.

In essence, Triout is Big Brother, who becomes a digital shadow, arching everything you do and sending it to hackers who could have a field day with your data. Compounding this further is you could be compromising everyone you speak with since hackers gain their information as well.

How Do I Get Rid of Android Malware?

ZDNet found a backdoor that allows you to reveal the source code by unpacking the apk file. What this means is the developers of Triout are still working out the kinks.

In an interview with ZDNet, Bitdefender senior e-threat analyst Bogdan Botezatu explains how users can avoid malware programs such as this, “Users should be aware of any applications that do not come from the official store and refuse to sideload it if it gets downloaded from the web and make sure that the requested permissions are in line with the functionality provided by the application.”

“Unless absolutely required, users should be reluctant to granting applications permissions to read short messages, access call information or use the device’s sensors.”

Along with Bogdan’s recommendations, it’s important to investigate the source of the mobile app before allowing it to download. Things to look for include:

  • Is it available on the Google Play store?
  • Did you receive the app from the manufacturer’s website?
  • Did the company develop the app?

In the case of the latter consideration, you can search the developer’s info on the app’s page. If it matches up to the manufacturer, and it’s from the Google Play store or the company’s website, then it’s a safe bet the app is legit.

In the meantime, we understand things can happen where malware infects your device and renders your files inaccessible. While a frustrating situation, it’s far from hopeless. The team at Outsource Data Recovery has helped individuals and companies recover their data in a fast and professional manner. Allow us to put your mind at ease by contacting us today.