New Android malware allows you to spy on the user and steal personal data

11 July 2017
SpyDealer is a new trojan discovered by researchers at Palo Alto Networks. They found that after infecting a device with this trojan, a hacker can do almost anything he wants, including spying on the smartphone owner and stealing his personal data from apps like Facebook, Skype and WhatsApp. It is not yet known how SpyDealer gets into a smartphone, but security experts say that it does not do it from Google Play Store. After penetrating an Android device, the trojan tries to gain root privileges using Baidu Easy Root app, which gives it almost complete control. The Trojan supports remote control via UDP, TCP and SMS, and is capable of stealing and forwarding data from various applications, including WhatsApp, Facebook, Skype, Telegram, Firefox, etc. But that's not all. SpyDealer can also retrieve information from an infected smartphone, including SMS messages, phone numbers, accounts, call history, and even location. After obtaining remote control, the attacker can take pictures with the camera, record phone calls, take screenshots, and listen to the smartphone's environment. According to experts from Palo Alto Networks, devices running Android OS versions 2.2 and 4.4 are completely vulnerable to the new Trojan. In addition, smartphones with newer versions of the OS are also at risk, although they significantly narrow the scope of SpyDealer, due to improved security and blocking a number of actions that require high privileges in the system. The spread of the Trojan is currently underway. More than 1,000 samples have already been detected, with the oldest dating back to October 2015.