New malware Triout secretly records phone calls and even tracks GPS coordinates
Researchers at antivirus specialists Bitdefender have discovered a rather alarming new malware that affects Android smartphones. Triout, which can monitor phone calls and device locations, log text messages, and then send all of the data to a third-party seems to originate from Russia. Bitdefender discovered the new malware in July using AI algorithms.
After Bitdefender’s original discovery, a further investigation discovered all of Triout’s capabilities:
- “Records every phone call (literally the conversation as a media file), then sends it together with the caller id to the C&C (incall3.php and outcall3.php)
- Logs every incoming SMS message (SMS body and SMS sender) to C&C (script3.php)
- Has capability to hide selfCan send all call logs (“content://call_log/calls”, info: callname, callnum, calldate, calltype, callduration) to C&C (calllog.php)
- Whenever the user snaps a picture, either with the front or rear camera, it gets sent to the C&C (uppc.php, fi npic.php orreqpic.php)
- Can send GPS coordinates to C&C (gps3.php)”
Like a lot of the new smartphone app malware we’re seeing these days, Triout was discovered in a modified version of a regular app. The app in question here is the alluringly titled Sex Game for Adults, which was available to download via the Google Play Store in 2016. Although Sex Game for Adults has since been removed from the Play Store, it is available via various third-party app marketplaces.
We can’t stress enough here, that it is common sense that saves you from malware like Triout. According to Bitdefender’s findings, once installed on your device, Triout is almost impossible to detect. This means it is incredibly important to keep such types of malware off your device in the first place. It is more important than ever to only download apps and software from reputable download portals like Softonic.
One of the striking findings from the Bitdefender investigation is how easy it was for them to access the source code of the malware once the Sex Game for Adults apk file had been unpacked. This could indicate that the malware is still a work in progress and may find its way into other apps. If you’re interested in reading the full findings of the Bitdefender investigation you can download it here.
In the meantime, think twice about the places you’re downloading files from and even if you’re downloading your apps from the Google Play Store, remember that apps can still slip through Google’s security net. For more information about keeping your devices safe when downloading apps and software make sure you check out our tutorials below: