A new spyware family, Lipizzan is attacking Android devices. The spyware can record the victim’s voice through a microphone, take pictures with camera and screen screenshots, secretly overwatch text messages, and steal data from other apps.
Lipizzan was originally discovered by security researchers team at Google, and the details were mentioned on Wednesday in a blog post. Post says that the researchers at Google were investigating another spyware called Chrysaor, but they came across Lipizzan. In Lipizzan’s code, they found links to a cyber arms company called Equus Technologies.
Furthermore, the research team also found that the spyware is targeting specific users as overall, the team found out 20 Lipizzan apps that were affecting 100 devices.
‘Backup’ and ‘Cleanup’ applications were found with the spyware. Upon downloading the app, it would install a “license verification” to test the device for particular criteria before rooting it in order to steal the data, the post said.
As the post wrote, Lipizzan spyware affected following apps: Gmail, Hangouts, KakaoTalk, LinkedIn, Messenger, Skype, Snapchat, StockEmail, Telegram, Threema, Viber, and Whatsapp.
If appropriately started, Lipizzan could record calls and VOIP communication. In addition, it could record sounds from the gadget’s microphone. Moreover, the post noted, it could track the victim’s area, take screenshots, capture images with the camera, find and use gadget’s data, and take other data like call logs and application information.
The fact that Android has a bigger market share, the platform is a target for hackers. Moreover, Android users have easy access to various app stores, without any strict protection, and that is the reason why there is an increase in malware in Google’s mobile ecosystem.
For those, who want to secure themselves from being affected, the post has recommended going for Google Play Protect, only using the Google Play store to download apps, keeping “unknown sources” disabled when not in use, and always downloading the latest Android security updates.