Google finds spyware on the Play Store: it had access to Facebook, LinkedIn, and even Telegram

Google finds spyware on the Play Store: it had access to Facebook, LinkedIn, and even Telegram

With the announcement of Android 8 Oreo, Google also launched Play Protect — a new program that is there to perform periodic checks of the software that's on your phone and the apps that are in the Play Store, looking for evil-doing malware. Recently, Google found a family of spyware apps that sound really, really scary.

The apps were all carriers of the Tizi backdoor — a piece of malware, which has been around since 2015. Through exploits in the Android operating system, Tizi was able to gain root access to the device and snoop about the user's pictures, phone log, and chat logs for popular apps, such as Facebook, WhatsApp, Viber, and even the encrypted messaging service Telegram! Additionally, it could send out an SMS message with the device's GPS coordinates, take photos with the phone's camera and even record audio with its microphones.

Yeah, that sounds scary. The good news is that the exploits that Tizi was using have been patched long ago, with the April 2016 Android security patch. The bad news is that, as we know, there are millions of older Android phones out there that just don't get updates.

According to Google's data, Tizi apps were mostly downloaded by users in Kenya. A very small percentage of US users also got them. After discovering the exploit, Google deleted the apps, suspended the developers' accounts, and sent a warning message to all devices that were presumed infected. Google Play Protect has also been updated to more effectively detect Tizi-based malware.

Google finds spyware on the Play Store: it had access to Facebook, LinkedIn, and even Telegram

source: Google

FEATURED VIDEO

25 Comments

1. w1000i

Posts: 234; Member since: Jul 22, 2015

Kenya ??

2. paul.k

Posts: 283; Member since: Jul 17, 2014

A country in East Africa

3. AlikR

Posts: 45; Member since: Sep 05, 2013

and the reason for this article is?

4. paul.k

Posts: 283; Member since: Jul 17, 2014

On one hand, it could be to inform you that Play Protect has intercepted a malware, which may affect your device if it hasn't had an update since April 2016. On the other hand, what is the reason for anything, really? What is life even?

5. NickHill

Posts: 388; Member since: May 07, 2016

Chill brah.

19. NarutoKage14

Posts: 1293; Member since: Aug 31, 2016

Life is a conglomeration of atoms that can use photons and or other atoms to make more of itself. That or 42.

8. mikehunta727 unregistered

Spyware that has affected millions of users doesn't deserve a article ..? Think your on the wrong site

23. Paximos

Posts: 279; Member since: Jul 26, 2012

Kenyans are people too, can and use Android. Such an arrogant person.

6. Zylam

Posts: 1781; Member since: Oct 20, 2010

"Tizi was able to gain root access to the device and snoop about the user's pictures, phone log, and chat logs for popular apps, such as Facebook, WhatsApp, Viber, and even the encrypted messaging service Telegram! Additionally, it could send out an SMS message with the device's GPS coordinates, take photos with the phone's camera and even record audio with its microphones." LOLOLOLOL

20. NarutoKage14

Posts: 1293; Member since: Aug 31, 2016

So a toned down version of Facebook or the Uber app?

7. MattPerkins1

Posts: 94; Member since: Mar 25, 2017

This doesn't surprise me. Android world is full of malware. If you're serious about privacy or security, you would not use Android. Unless your income is low, no sane person would use Android.

14. nikhil23

Posts: 414; Member since: Dec 07, 2016

15. EvilAPi

Posts: 114; Member since: Sep 25, 2017

Your haters' mind only deserves nothing, pathetic attention seeker.

17. RebelwithoutaClue

Posts: 5482; Member since: Apr 05, 2013

Weren't you banned? Jesus, you sound like a broken record commenting the same thing over and over. A sane person would know privacy is dead and security is only as good as its weakest link, in your case you. Get a life

9. mikehunta727 unregistered

I use Disconnect Pro on my Note 8 to block tracking in apps, it works really well! Almost everyone of your apps are doing silent tracking of you for ads and etc, this blocks them from doing so and blocks ads in most apps too systemwide Aand I also use a adblocker for Samsung Internet, pretty strong combo

10. Podrick

Posts: 1283; Member since: Aug 19, 2015

Lol, Disconnect Pro blocked Phonearena in the past. Is that fixed now?

11. mikehunta727 unregistered

Never had any issues with it at all so far, thing is blocking trackers left and right for me in all my apps. My apps and internet browser absolutely fly

12. Podrick

Posts: 1283; Member since: Aug 19, 2015

Thats nice. Since Adhell is banned now, Disconnect pro is the only option.

13. mikehunta727 unregistered

Yeah I bought it, didn't mind paying for it.. gives you more privacy, saves battery life and better performing device and clears up ads in most apps

16. Podrick

Posts: 1283; Member since: Aug 19, 2015

I got it when it was free for a limited time, for iOS too.

25. MrShazam

Posts: 987; Member since: Jun 22, 2017

How did you use Disconnect Pro for all your apps? I just saw it on the Play Store for only Samsung Internet...

18. NarutoKage14

Posts: 1293; Member since: Aug 31, 2016

Is this a years old story?

21. paul.k

Posts: 283; Member since: Jul 17, 2014

The malware has been around since 2015, doesn’t affect devices with the April 2016 patch, has been officially detected in September 2017, and is revealed now. So it’s a saga.

22. An.Awesome.Guy

Posts: 636; Member since: Jan 12, 2015

So if there is fix for new bugs in new security updates, then Google Play won't be looking for them until a year later, IMO that is unacceptable and they should have looked into that and all other known malwares already.

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.