Lipizzan Spyware Detected by Google Had the Potential to Control Your Android Device

Advertisement
By Sanket Vijayasarathy | Updated: 28 July 2017 13:56 IST
Highlights
  • New spyware could control your Android device
  • Spyware was found hiding inside harmless apps like ‘Backup’ or ‘Cleaner’
  • Google Play Protect has managed to remove the malware
Lipizzan Spyware Detected by Google Had the Potential to Control Your Android Device

Back in April, researchers at Google discovered an Android malware, called Chrysaor, that could give an attacker remote control of the infected device. Android Security was able to find and block potentially harmful apps (PHAs) with that family of spyware, but in the process of doing so discovered a new spyware family called Lipizzan.

Researchers believe that the new spyware is unrelated to Chrysaor, and has the ability to monitor and exfiltrate a user's email, SMS messages, location, voice calls, and media. The code behind the spyware has been traced to a cyber arms company, Equus Technologies.

On the Android Developers blog, researchers say that the newly discovered spyware works in two stages. It is firstly distributed through several channels, including Google Play, and hides behind a harmless app like "Backup" or "Cleaner". After installing such an app, Lipizzan would load a second "licence verification" stage, which check out the infected device and validates certain abort criteria. Once the all-clear is given, the spyware proceeds to root the device with known exploits to take control of the device and exfiltrate data to a Command & Control server.

Once Lipizzan gains full control of the infected device, it has the ability to record call, track the user's location, take screenshots and photos with the device's camera, fetch information and files stored in the device and other user information such as contact, call logs and more. Researchers say that the PHA had specific routines to retrieve data from apps like Gmail, LinkedIn, Skype, Snapchat, and WhatsApp.

Advertisement

The most notable thing about the new spyware is how easily the authors can change the branding of the implanted apps. Soon after Google detected and blocked the first set of apps on Google Play, new apps began cropping up with the same spyware. These apps changed from 'backup' apps to apps like "cleaner", "notepad", "sound recorder", to name a few. Google says that it has so far detected the spyware in fewer than 100 devices that checked into Google Play Protect. Now that Lipizzan is detected, Google Play Protect has managed to remove the family from affected devices and will block installs on new devices.

Google says that Android users can protect themselves by making sure they opt into Google Play Protect, and making sure apps are downloaded exclusively from Google Play. The company also urges users to keep their phones patched to the latest Android security update.

Advertisement

There have been a bunch of Android malware-related reports such as SpyDealer, LeakerLocker, and CopyCat in recent months that have raised an alarming concern over the safety of the platform and the potential risks of storing personal information over the digital space.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Redmi Pad 2 With 11-Inch 2.5K Display, 9,000mAh Battery Launched in India
  2. Pixel 10, Pixel 10 Pro Alleged Case Hint at Design Changes
  3. Vivo X200 FE Launch Date, Colours, and Design Revealed Ahead of Launch
  4. Nothing Headphone 1 Price, Colour Options Leaked Ahead of Launch
  5. Apple Back to School Offer Brings Discounts on iPad Air, Other Products
  6. Xiaomi Redmi Pad 2 First Impressions
  1. SpaceX Launches 26 Starlink Satellites from California to Expand Low Earth Orbit Internet Network
  2. NASA and DoD Simulate Critical Abort Scenarios to Secure Artemis II Moon Mission
  3. Brain’s Built-In Signal Threshold Helps Differentiate Imagination from Reality
  4. Feather-Legged Lace Weaver Spider Uses Toxic Silk Instead of Fangs to Kill Its Prey
  5. New Habitability Model Helps Identify Which Alien Planets Might Be Able to Host Life
  6. Warner Bros. Games Restructures to Focus on Harry Potter, Game of Thrones, Mortal Kombat and DC Franchises
  7. Google Pixel 10, Pixel 10 Pro Alleged Case Suggests Minor Design Changes From Predecessors
  8. Oppo Reno 14 5G, Reno 14 Pro 5G India Launch Timeline Leaked
  9. Nothing Phone 3 to Offer Longer Android and Security Update Support Than Its Predecessor
  10. Boat Wave Fortune Smartwatch With NFC Tap & Pay Feature, Bluetooth Calling Launched in India
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.