Google’s Android team track, kill deadly Lipizzan malware in record time!


It has been just days since Google launched the Play Protect feature to detect malware on the Play Store, and it has already borne fruit for the company: the Android team has discovered a spyware dubbed “Lipizzan” and killed it before it could harm billions of smartphone users.

Lipizzan, categorised by Google as deadly multi-stage spyware, is claimed to be capable of unauthorised surveillance of user activity on an Android phone, including recording the user’s text messages, emails, voice calls, photos, location data, and pretty much any other file format.
As per Google’s investigation report, the code in the Lipizzan malware app was the handiwork of the infamous cyber arms company Equus Technologies.

Lipizzan was an advanced two-stage spyware tool that impersonated harmless apps such as Backup or Cleaner applications, thereby easily fooling naive users into installing them.
After gaining access, Lipizzan would load a second “license verification” stage, which would survey the infected device and validate certain abort criteria. If given the all-clear, the second stage would then root the device with known exploits and begin to exfiltrate device data to a Command and Control server.
Once on an Android phone, it illegally retrieved data from commonly used applications such as Gmail, Hangouts, Snapchat, Telegram, Viber, WhatsApp, Skype, Messenger, LinkedIn, KakaoTalk, StockEmail and Threema.

It has come to light that there were around 20 such Lipizzan-riddled apps on Google Play, but thankfully they had been installed on fewer than 100 devices worldwide. Soon after the detection, Google blocked the spyware developers and apps from the Android ecosystem. Google Play Protect also notified all affected device owners and successfully removed the Lipizzan apps.
Having gained important insights from Lipizzan, Google has upgraded Play Protect with a new framework to detect similar apps and thwart future infiltration.

With the introduction of Google Play Protect, the company can detect malware faster than ever before. In the past, sophisticated spyware used to go undetected for several months, in some instances more than a year, compromising the security of millions of phones.
Now, things are about to change for good. Google has promised that it will continue to improve its security checks with the latest detection tools and patches to block any malevolent apps trying to infiltrate the Android ecosystem.