Old Android at risk: SpyDealer tries to steal WhatsApp data

SpyDealer is a very aggressive Android virus that spies on affected devices and infiltrates many of the most popular applications

Android once again ends up under attack. A new malware, capable of infiltrating some of the most used applications, including WhatsApp, has been discovered and made public by researchers from Palo Alto Networks, an American company expert in computer security.

It is a very aggressive form of virus, which mainly affects older Android devices. SpyDealer, as the malicious program has been named, is scary because it is capable of getting hold of a lot of data. As a matter of fact, the malware penetrates victims' personal accounts and gets hold of sensitive information. And that's not all. The new Android Trojan also spies on infected smartphones, recording video, audio and capturing screenshots. SpyDealer, first spotted in October 2015, can also automatically answer incoming calls and take photos.

SpyDealer, affects more than 40 apps

According to researchers, the malware is adept at obtaining administrator privileges, which allow it to take total control of the device, and install a backdoor. SpyDealer, once the device is compromised, is able to steal data from more than 40 apps. The affected apps include some of the most popular ones. Besides WhatsApp, the dangerous malware penetrates Facebook, Skype, Viber, WeChat and Telegram. And not only that. The virus accesses the phonebook, reads the phone number, obtains the device's location and also acquires the data of the Wi-Fi network.

Distributed mostly in China

In addition, SpyDealer remotely sends the collected information, allowing hackers to control the phone remotely as well. According to the information released by the researchers who discovered the trojan, SpyDealer has not managed to get into the Google Play Store. There is no exact information about how the threat started.

The malware was mainly traced to China, where it affected more users, and found in applications with names like "GoogleService" and "GoogleUpdate". Fake apps, created with the aim of deceiving victims.

As mentioned, the malware mainly affects older Android versions, particularly those ranging from 2.2 to 4.4. Google, meanwhile, has launched Google Play Protect, a tool capable of detecting and removing malware from affected devices.