Google Online Security Blog: From Chrysaor to Lipizzan: Blocking a new targeted spyware family

Security Blog

The latest news and insights from Google on security and safety on the Internet

From Chrysaor to Lipizzan: Blocking a new targeted spyware family

July 26, 2017

Posted by Megan Ruthven Android Security, Ken Bodzak Threat Analysis Group, Neel Mehta Threat Analysis Groupwe announcedFighting Targeted Malware in the Mobile EcosystemHow does Lipizzan work?
Getting on a target deviceOnce implanted on a target device

Call recording

VOIP recording

Recording from the device microphone

Location monitoring

Taking screenshots

Taking photos with the device camera(s)

Fetching device information and files

Fetching user information (contacts, call logs, SMS, application-specific data)

Gmail

Hangouts

KakaoTalk

LinkedIn

Messenger

Skype

Snapchat

StockEmail

Telegram

Threema

Viber

Whatsapp

Android MediaServer

Morphing first stageHow many devices were affected?What can you do to protect yourself?

Ensure you are opted into Google Play Protect.

Exclusively use the Google Play store. The chance you will install a PHA is much lower on Google Play than using other install mechanisms.

Keep “unknown sources” disabled while not using it.

Keep your phone patched to the latest Android security update.

List of samples

Newer version

Standalone 2nd stage

Labels: android , big data , blackhat , spyware , targeted spyware

No comments :

Labels

Archive

2024
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2023
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2022
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2021
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2020
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2019
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2018
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2017
- Dec
- Nov
- Oct
- Sep
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2016
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2015
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2014
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- Apr
- Mar
- Feb
- Jan

2013
- Dec
- Nov
- Oct
- Aug
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2012
- Dec
- Sep
- Aug
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2011
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb

2010
- Nov
- Oct
- Sep
- Aug
- Jul
- May
- Apr
- Mar

2009
- Nov
- Oct
- Aug
- Jul
- Jun
- Mar

2008
- Dec
- Nov
- Oct
- Aug
- Jul
- May
- Feb

2007
- Nov
- Oct
- Sep
- Jul
- Jun
- May

Feed

Give us feedback in our Product Forums.

Google
Privacy
Terms