SpyDealer, a form of Android malware, can steal data from more than 40 popular mobile device apps, including Skype, Facebook, WhatsApp and the Firefox browser. According to cybersecurity firm Palo Alto Networks, the malicious software can spy on victims’ call histories, contacts, Wi-Fi information and locations by exploiting the operating system’s accessibility feature.
Even more alarming – SpyDealer can answer and record phone calls, audio clips and video footage. It can also take screenshots or photos using the device’s front and rear camera.
Once installed, it shows no application icon.
Only products running operating systems 2.2 Froyo to 4.4 KitKat are vulnerable to SpyDealer – about 25 percent of active users. But with two billion Android-based devices worldwide, up to 500 million people may be at risk.
“On devices running later versions of Android, it can still steal significant amounts of information, but it cannot take actions that require higher privileges,” Palo Alto Networks said last week.
At least three versions of SpyDealer are currently active, with the oldest sample dating back to October 2015. It’s unclear how the malicious software made its way onto devices, but evidence suggests that users in China became “infected through compromised wireless networks.”
Submitted by: Arnfried Walbrecht
Comments are closed.