Android users have a new threat to contend with, according to a sixteen-page whitepaper outlining a new malware strain.
The paper was published by a group of security researchers working for Bitdefender. They identified a robust new strain of malware called “Triout.”
According to the report, although they just discovered the malware a month ago, there are indications that it has been in use since at least mid-May of this year.
Among other things, it can:
Steal call log data
Collect and steal SMS messages
Record every call taking place on the phone
Upload recordings of those calls to a remote server
Send the phone’s GPS coordinates to a remote server
Upload a copy of every picture taken with the phone’s camera to a remote server
Hide from the user’s view
These are robust, highly advanced features that require extensive, detailed knowledge of the Android OS. Typically, malware of this type is used by nation-state hackers with deep pockets, or by well-heeled networks of cybercriminals. At this point, there’s no clear indication which category Triout’s creators fall into.
The malware strain has been found masquerading as a legitimate app, but the team has been unable to trace it back to its source of origin. At this point, there’s no clear indication where it’s coming from. The first sample was uploaded to VirusTotal from Russia, but subsequent samples were uploaded from an Israeli IP address.
The researchers note that despite its advanced feature set, the group responsible appears to have made a mistake:
“What is striking…is that it’s completely unobfuscated, meaning that simply by unpacking the cloned app’s .apk file, full access to the source code becomes available….this could suggest that the Triout framework may be a work-in-progress, with developers testing features and compatibility with devices.”
President & CEO
I hope you enjoyed this article. My mission is to take your stress away from dealing with IT problems. Call (919) 800-0888 or send me a message at our contact us page if you have a question, comment or want help.