- Bitdefender discovered a new powerful Android spyware
- Triout is a spyware that can collect sensitive data on victims, including phone call recordings
A brand new Android malware was discovered by the folks at Bitdefender. Called Triout, the malware is actually a piece of spyware that wants to capture loads of sensitive data about victims.
According to the security company, Triout comes with extensive surveillance capabilities. This means that while it goes completely undetected on your device, it can record your phone calls, log your texts, record videos, take pictures, and know where you’ve been by picking up your GPS coordinates. All this information is sent back to the C&C server controlled by the attacker.
“The malware framework seems to focus on mobile devices, phones, and tablets, with functionalities that can enable surveillance. Everything from recording incoming phone calls and tracking GPS coordinates can be remotely triggered and then uploaded to the attacker-controlled C&C server, which is still operational to date. This leads to believe that the malware framework is still a work in progress and being distributed outside official channels, perhaps through attacker-controlled websites, to a very select pool of victims,” Liviu Arsene, Bitdefender’s Global Cybersecurity Analyst, told TechNadu in a statement.
The malware was discovered in a fake version of “Sex Game”, an Android app that used to be in Google Play back in 2016. Basically, they repackaged an app that was removed from Google Play, which had an authentic Google Debug Certificate, and made it your personal spy. Thankfully, the new and infected app didn’t reach the Play Store.
It’s unclear how many Android users are affected by the malware. It seems that the new malware made its first appearance a few months back, with the first upload to VirusTotal happening in May.
There’s still not enough evidence to figure out who’s behind the attack, but the malware is a big threat to Android users’ security and privacy, so we advise users to be vigilant, avoid apps that have questionable value, and don’t allow third-party apps to be installed on their devices.