Android Spyware monitors 40 more popular apps

Security company Palo Alto Networks researchers reported a popular Android Trojan SpyDealer, which is popular in China for Chinese users, who designed to steal 40 remaining popular applications.

Researchers have already notified Google, but the malware is not spread through the Google Play store. Researchers say there is evidence that SpyDealer can infect Chinese Android users through an invaded wireless network. Once the infection, it will use the commercial root tool Baidu Easy Root to get the root privileges of the device, abuse Android Accessibility Service function from the application to steal sensitive information, a large number of user information collection, including IMEI, IMSI, SMS, MMS, contacts, account, call history , Location, connected Wi-Fi information.

It also automatically responds to specific numbers, remotely controls devices via UDP, TCP and SMS channels, and can record nearby videos and audio with a microphone and camera, take pictures and screenshots. It can extract personal information from 40 popular applications, including WeChat, Facebook, WhatsApp, Skype, Line, Viber, QQ, Tango, Telegram, Sina Weibo, Tencent microblogging, Android Native Browser, Firefox Browser, Oupeng Brower, QQ Mail, NetEase mailbox, Taobao, Baidu network disk, BBM, mobile phone YY, easy letter, Fetion, everyone, and so on.

SpyDealer’s earliest version appeared in 2015, is still active in the update, the latest version is released in May.