Recently last month Bitdefender has discovered a Android malware/spyware named as Triout. The services of this spyware include
- Recording calls
- Capturing the private messages
- Stealing photos
Its activity was first identified back in May, when it was first uploaded on VirusTotal, a website that aggregates multiple antivirus scanning engines.
Bitdefender discovered the traces of the malware in the popular apps. This malware clones itself in the apps but it is still not found from where its generated or from where its started distributing.
What can this malware do? Well it can do much !!
- Record every call taking place on the phone
- Hide from the user’s view
- Upload recorded phone calls to a remote server
- Send phone’s GPS coordinates to a remote server
- Steal call log data
- Collect and steal SMS messages
- Upload a copy of every picture taken with the phone’s cameras to a remote server
This type of malware is used by nation-state hackers or by experienced cyber-criminals.
A flaw that Bitdefender believe is that they can easily unpack the app and the source code of this malware is easily available and they have analyzed it completely.
“This could suggest the framework may be a work-in-progress, with developers testing features and compatibility with devices,” Ochinca said.
“The C&C (command and control) server to which the application seems to be sending collected data appears to be operational, as of this writing, and running since May 2018.”
The working of this malware is mostly felt in unrecognized adult games in order to trick people.
The server of this Triout is believed to be operational.
Precautions are still to be announced by the antivirus and other researching companies.
However it is recommended not to install suspicious or unrecognized apps or don’t click on random links sometimes these random links install such malware without your knowledge.