
Despite Google's many efforts to remove malware from the Play Store, Google has recently detected a new malware family.
What is Tizi?
Tizi is a fully featured backdoor that installs spyware to steal sensitive data from popular social media apps. Google discovered this family in September 2017, when a device scan found an app with rooting capabilities that exploited vulnerabilities.
Tizi-infected apps have been widely advertised on the web.

Scope of Tizi?

Diagram of Tizi infections. This malware is mostly found in African countries. (c) Google
How does Tizi work?
After gaining root, it steals sensitive data from popular social media apps like Facebook, Twitter, WhatsApp, Viber, Skype and more.
It usually first contacts its command-and-control servers by sending an SMS with the device's GPS coordinates to a specific number. Subsequent command-and-control communications are normally performed over regular HTTPS, though in some specific versions, Tizi uses the MQTT messaging protocol with a custom server. The backdoor contains various capabilities common to commercial spyware, such as recording calls from WhatsApp, Viber, and Skype; sending and receiving SMS messages; and accessing calendar events, call log, contacts, photos, Wi-Fi encryption keys, and a list of all installed apps. Tizi apps can also record ambient audio and take pictures without displaying the image on the device's screen.
Tizi can root the device by exploiting one of the following local vulnerabilities:
- CVE-2012-4220
- CVE-2013-2596
- CVE-2013-2597
- CVE-2013-2595
- CVE-2013-2094
- CVE-2013-6282
- CVE-2014-3153
- CVE-2015-3636
- CVE-2015-1805
Most of these vulnerabilities target older chipsets, devices, and Android versions. All of the listed vulnerabilities are fixed on devices with a security patch level of April 2016 or later, and most of them were patched considerably prior to this date. Devices with this patch level or later are far less exposed to Tizi's capabilities. If a Tizi app is unable to take control of a device because the vulnerabilities it tries to use are all patched, it will still attempt to perform some actions through the high level of permissions it asks the user to grant to it, mainly around reading and sending SMS messages and monitoring, redirecting, and preventing outgoing phone calls.
Source: Google Security Blog
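The patch-level cutoff and the permission fallback described above can be checked on a device you manage. The script below is an added example, not code from Google or from the original post: it parses `adb shell getprop` output, compares `ro.build.version.security_patch` with April 2016, and lists apps that request the SMS and call permissions. The sample data, the `com.example.*` package names and the choice of permission names are assumptions made for this example.

```python
import re
from datetime import date

# Per the article, every listed CVE is fixed at security patch level April 2016.
TIZI_FIXED_LEVEL = date(2016, 4, 1)

# Assumption: Android permission names matching the fallback behaviour described
# above (reading/sending SMS, monitoring and redirecting outgoing calls).
FALLBACK_PERMS = {
    "android.permission.READ_SMS",
    "android.permission.SEND_SMS",
    "android.permission.PROCESS_OUTGOING_CALLS",
}

# Constructed sample of `adb shell getprop` output (not from a real device).
SAMPLE_GETPROP = """\
[ro.build.version.release]: [5.1.1]
[ro.build.version.security_patch]: [2015-11-01]
"""

# Constructed sample: package name -> requested permissions.
SAMPLE_APPS = {
    "com.example.flashlight": sorted(FALLBACK_PERMS) + ["android.permission.CAMERA"],
    "com.example.notes": ["android.permission.INTERNET"],
}

def parse_getprop(text):
    """Parse getprop output, one '[key]: [value]' pair per line."""
    return dict(re.findall(r"^\[([^\]]+)\]: \[(.*)\]\s*$", text, re.MULTILINE))

def root_exploit_exposure(props):
    """Return 'patched', 'exposed' or 'unknown' for the listed root exploits."""
    try:
        level = date.fromisoformat(props.get("ro.build.version.security_patch", ""))
    except ValueError:
        # Property missing or malformed (some older builds do not report it).
        return "unknown"
    return "patched" if level >= TIZI_FIXED_LEVEL else "exposed"

def apps_to_review(app_perms):
    """List apps requesting every fallback permission; legitimate dialer or SMS
    apps can match too, so this is a review list, not a verdict."""
    return sorted(p for p, perms in app_perms.items() if FALLBACK_PERMS <= set(perms))

if __name__ == "__main__":
    print("root exploits:", root_exploit_exposure(parse_getprop(SAMPLE_GETPROP)))
    print("review:", apps_to_review(SAMPLE_APPS))
```

A result of `unknown` should be handled like `exposed` until the device's patch level is confirmed another way.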
What should I do to prevent it?
Here are a few measures to protect against it.
- Turn on Verify apps in Settings
- Don't install software from unknown sites
- Turn off Unknown Sources if it is not in use.
- Protect your device with a PIN and password
- Encrypt your device
- Always install new updates