500 MILLION devices at risk from new Android malware that steals data from your Facebook, WhatsApp, Skype and Line apps


Users in Asia are being warned about a dangerous and highly sophisticated form of Android malware.

The malware, dubbed SpyDealer, is able to root infected devices and surreptitiously extract data from 40 of the most popular Android apps, including Facebook, Line, WhatsApp and Skype.

Researchers from Palo Alto Networks who discovered the malware said it can harvest a wide range of personal information including contact lists, account credentials, call history, SMS, MMS, and information on your wifi connection.

If that wasn’t bad enough, it can also track your location and record images and audio.

Other popular apps it is able to steal data from include WeChat, FireFox, Tango, Baidu, Telegram, Viber and Tencent Weibo.

Researchers noted that SpyDealer is a dangerous form of malware but added that they do not believe it is being spread through the Google Play Store.

Researchers also said that SpyDealer is only able to be effective against older versions of Android, specifically Android 2.2 to Android 4.4.

That’s still around 500 million devices at risk from SpyDealer.

“This represents approximately 25% of active Android devices worldwide. On devices running later versions of Android, it can still significant amounts of information, but it cannot take actions that require higher privileges,” Palo Alto researchers Wenjun Hu, Cong Zheng and Zhi Xu said in a blog post.

There are currently three versions of SpyDealer that are in the wild spreading in third party app stores disguised as ‘Google Update’ software.

It is not known how many devices have been infected so far but analysis has revealed that the majority of infected devices are in China, which have been infected through compromised Wi-Fi networks.

The advice to users, as always is to only download apps from the Google Play Store and to always read reviews and check permissions of any app your download.


Comments are closed.