Lipizzan Spyware Detected by Google Had the Potential to Control Your Android Device

Advertisement
By Sanket Vijayasarathy | Updated: 28 July 2017 13:56 IST
Highlights
  • New spyware could control your Android device
  • Spyware was found hiding inside harmless apps like ‘Backup’ or ‘Cleaner’
  • Google Play Protect has managed to remove the malware
Lipizzan Spyware Detected by Google Had the Potential to Control Your Android Device

Back in April, researchers at Google discovered an Android malware, called Chrysaor, that could give an attacker remote control of the infected device. Android Security was able to find and block potentially harmful apps (PHAs) with that family of spyware, but in the process of doing so discovered a new spyware family called Lipizzan.

Researchers believe that the new spyware is unrelated to Chrysaor, and has the ability to monitor and exfiltrate a user's email, SMS messages, location, voice calls, and media. The code behind the spyware has been traced to a cyber arms company, Equus Technologies.

On the Android Developers blog, researchers say that the newly discovered spyware works in two stages. It is firstly distributed through several channels, including Google Play, and hides behind a harmless app like "Backup" or "Cleaner". After installing such an app, Lipizzan would load a second "licence verification" stage, which check out the infected device and validates certain abort criteria. Once the all-clear is given, the spyware proceeds to root the device with known exploits to take control of the device and exfiltrate data to a Command & Control server.

Once Lipizzan gains full control of the infected device, it has the ability to record call, track the user's location, take screenshots and photos with the device's camera, fetch information and files stored in the device and other user information such as contact, call logs and more. Researchers say that the PHA had specific routines to retrieve data from apps like Gmail, LinkedIn, Skype, Snapchat, and WhatsApp.

Advertisement

The most notable thing about the new spyware is how easily the authors can change the branding of the implanted apps. Soon after Google detected and blocked the first set of apps on Google Play, new apps began cropping up with the same spyware. These apps changed from 'backup' apps to apps like "cleaner", "notepad", "sound recorder", to name a few. Google says that it has so far detected the spyware in fewer than 100 devices that checked into Google Play Protect. Now that Lipizzan is detected, Google Play Protect has managed to remove the family from affected devices and will block installs on new devices.

Google says that Android users can protect themselves by making sure they opt into Google Play Protect, and making sure apps are downloaded exclusively from Google Play. The company also urges users to keep their phones patched to the latest Android security update.

Advertisement

There have been a bunch of Android malware-related reports such as SpyDealer, LeakerLocker, and CopyCat in recent months that have raised an alarming concern over the safety of the platform and the potential risks of storing personal information over the digital space.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Nintendo Switch 2 Debuts With Joy-Con 2 Controllers: Price, Features
  2. OnePlus Pad 3 With 12,140mAh Battery Launched in India: Check Features
  3. OnePlus 13s Launched in India: Know Price, Specifications and More
  4. OnePlus 13s Review
  5. Nothing Headphone 1 to Launch Alongside Nothing Phone 3 on July 1
  6. AirPods Pro 2, AirPods 4 May Get New Head Gestures, Camera Control, More
  7. OnePlus 13s vs iQOO 13: Price in India, Specifications Compared
  8. Samsung Galaxy Z Fold 7, Z Flip 7 May Be Unveiled at New York Unpacked Event
  9. OnePlus Pad 3 First Impressions
  10. Redmi Pad 2 With 9,000mAh Battery Launched in Global Markets: See Price
  1. Redmi Pad 2 With 9,000mAh Battery, MediaTek Helio G100 Ultra Chip Launched: Price, Specifications
  2. Google Doubles Gemini 2.5 Pro Rate Limit for Google AI Pro Subscribers
  3. Huawei Pura 80 Pro, Pura 80 Pro+ Design Teased; Pre-Reservation Begin
  4. Mistral Code AI-Powered Coding Assistant Introduced for Enterprise Developers
  5. Nothing Headphone 1 Launch Date Set for July 1, to Arrive Alongside Nothing Phone 3
  6. Ethereum Foundation Announces Overhauled Treasury Strategy Amid Scaling Push
  7. Google DeepMind’s Demis Hassabis Wants to Build AI Email Assistant That Can Reply in Your Style: Report
  8. Starlink Reportedly Nears India Launch With DoT Approval for GMPCS License Expected Soon
  9. Oppo Confirms Arrival of New Smartphone in India; Could Be the Reno 14
  10. Redmi Pad 2 India Launch Date Set for June 18; Design, Colour Options Teased
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.