pcmag.com

Here's another reason to avoid downloading apps from third-party sources: Security researchers have discovered an Android spyware strain that's been secretly masquerading as a porn app.

The spyware, dubbed Triout, is quite powerful; it can secretly record your phone calls and incoming text messages, take pictures and collect GPS data, and then send the data back to a hacker-controlled server.

On Wednesday, Bitdefender published details of the spyware strain, which it suspects was spread through third-party app stores or website domains. Bitdefender began investigating Triout when it noticed a sample was uploaded on VirusTotal, an online service that lets you test suspected malware against antivirus engines.

The Triout spyware was repackaged into a pre-existing porn app called "Sex Game For Adults."

"The malware application is almost identical to the original app, both in code and functionality, except for the malicious payload," Bitdefender said in its report. "Starting from the app's icon to the in-app screens, the malicious version seems to keep all original functionality, potentially so as not to arouse any suspicion from its victim."

However, once installed, the spyware can record every phone call as a media file that'll contain the caller ID. Whenever the phone snaps a picture, from either the front- or rear-facing camera, the spyware will record a copy too and send it to the hacker-controlled server.

Surprisingly, the spyware's computer code was "unobfuscated," meaning you could unpack the Android file it came in and see how the malicious processes worked. This suggests the hackers were still testing out its functions.

Bitdefender also suspects Triout may be part of a larger spyware "framework" that lets cybercriminals take benign Android apps and install malicious functions into them.

Who might be behind the spyware isn't known, but it's been found in Russia and Israel. As of today, the hacker-controlled server that sends commands to the spyware is still up and running.
