Android users are being warned about a fake version of a popular app that can steal and spy on you.
Android is undoubtedly one of the most used pieces of software in the world – with billions of people using it each and every month.
And the massive Android fanbase have been put on alert about a returning strain of malware that attacks devices using the Google mobile OS.
Researchers at Bitdefender have discovered the powerful Triout malware has made a comeback.
The Triout malware was discovered in the summer of last year by Bitdefender researchers, with it boasting “massive surveillance capabilities”.
At the time it was bundled with an Android app that was ripped from the Google Play Store.
The Triout malware can record phone calls, log incoming text messages, record videos, take pictures and even collect GPS co-ordinates.
And in a post online Bitdefender researchers revealed they have discovered Triout once again on a fake version of a popular app.
The com.psiphon3 package was originally found on the Google Play Store and boasts more than 50million installs and over one million reviews.
But cybercriminals have taken advantage of its popularity and redistributed a tampered version of it on third party Android app marketplaces.
This fake app also comes bundled with adware components to generate revenue for the threat actors.
Outlining their findings on the Bitdefender website, senior e-threat analyst Liviu Arsene said: “The proliferation of Android devices has renewed interest from threat actors in developing malware and spyware frameworks.
“The ubiquity of these devices in our daily lives, the level of information they can access, and the amount of sensors they’re equipped with (e.g. camera, microphone, GPS, etc.) turn them into the perfect spies if weaponised by malware.
“While the Triout Android spyware framework itself does not seem to have undergone changes in terms of code or capabilities, the fact that new samples are emerging and that threat actors are using extremely popular apps to bundled the malware, may herald more incidents such as this in the near future.”
Arsene added: “To steer clear of these threats, it’s best to install apps only from official marketplaces, always use a mobile security solution that can spot Android malware, and constantly keep your Android operating system up to date with the latest security updates.”
The Bitdefender research highlighted “that the low number of victims and infected devices” could mean that Triout was being used for “targeted espionage”.
Arsene said it was possibly being used in campaigns “aimed at a few individuals”.
Speaking to Express.co.uk, Arsene added: “The spyware’s extensive surveillance capabilities include, but are not limited to, exfiltrating documents and photos, recording phone calls and conversations, as well as getting real-time GPS coordinates from infected devices.
“It’s precisely because of these extensive capabilities that the Triout spyware is a highly versatile piece of malware, that can be used by both nation-states or any cybercriminal to successfully target and spy on unsuspecting victims.”
The news comes after last week Express.co.uk warned about apps on the Google Play Store that could steal your selfies.
• Stay tuned to Express.co.uk for more Android news