An app developer has put out five tools (identified by Bitdefender as Android.Spyware.GoneSixty.Gen), advertised as for â€œstudy purposeâ€ only, that can steal all data from a smartphone.
All one needs to do isÂ install on the victimâ€™s phone one of the apps, run it, and memorize a 5-digit code. In the background the spy tool silently uploads and sends to a remote server contacts, messages, recent calls, browser history stored on the phone. Plus it also initializes the uninstall process after the job is done. Nice and easy, and above all extremely discreet, in less than 60 seconds.
To access the uploaded data, the curious or the crook has only to go to the developerâ€™s site and enter the pass code to access all the contacts. For messages, recent calls and history, a $5 fee is requested which sounds like a small toll for a big invasion in someoneâ€™s personal life. If the person also keeps job related data on the phone, a pry tool like this can compromise an entire business in the process.
Thereâ€™s a note mentioning that all data not paid for by users will be deleted after a day, out of respect and for security reasons; needless to say that this statement is by no means to be trusted. A data base of sensitive private information – be it personal or corporate – can prove a gold mine. Cybercriminal minds can see the benefits of that and wouldnâ€™t let such an opportunity slip through their fingers.
Some ways to minimize such data theft:
– While in public, never lose sight of your smartphone
– If you lend your phone to someone make sure you keep an eye on whatever activity they initiate with it
– use an antivirus solution for smartphones
– don’t keep job-related information on your smartphone, unless you encrypt it beforehand
This article is based on the technical information provided courtesy of Vlad Constantin ILIE, BitDefender Malware Researcher.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.