Categories: AndroidMalware

Beware of Dangerous Android Triout Malware That Records Phone Calls, Videos and Steals Pictures

Beware of Dangerous Android Triout Malware That Records Phone Calls, Videos and Steals PicturesBeware of Dangerous Android Triout Malware That Records Phone Calls, Videos and Steals Pictures

A new Android malware strain dubbed Triout found bundled with a repackaged app contains surveillance capabilities and ability to hide the presence in the device.

Security researchers from Bitdefender identified the new Triout malware that contains extensive surveillance capabilities. The malware appears to be first uploaded to virustotal from Russia and most came from Israel.

The Triout malware is a cloned version of the original app that has been removed from Google play in 2016, researchers unclear about how the malware is being distributed, possibly it could be through third-party app stores or through the sites controlled by attackers.

Researchers said in the report that the framework may be a work-in-progress, with developers testing features and compatibility with devices.

Triout Malware Capabilities

It is completely unobfuscated and the C&C servers are still active since May 2018 and it communicates to the C&C server through a single hardcoded IP.

The Spyware records every incoming/outgoing call, and then it sends along with the call date, call duration, and caller name to the C&C server.

Also, it log’s every SMS message with body and sender, then submit with the C&C server.

Another interesting option is the camera usage, it uses both front or the rear camera to take photos and the same sent to the C&C server.

Also, it transfers the GPS Coordinates(Latitude and Longitude) and submits to the C&C server.

Common Defences and Mitigations

  • Give careful consideration to the permission asked for by applications.
  • Download applications from trusted sources.
  • Stay up with the latest version.
  • Encrypt your devices.
  • Make frequent backups of important data.
  • Install anti-malware on their devices.
  • Stay strict with CIA Cycle.

Also Read

Dangerous Android Malware that Steals Banking Credentials, Call Forwarding, Keylogging, and Ransomware Activities

Android Device With Open ADB Ports Exploited to Spread Satori Variant of Mirai Botnet

60,000 Android Devices are Infected with Malicious Battery Saver App that Steals Various Sensitive Data

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Leave a Comment
Share
Published by
Gurubaran
Tags: AndroidMalwarePhone CallsSMSTriot Malware
7 years ago

Recent Posts

RDP and MS Office Vulnerabilities Abused by Kimusky in Targeted Intrusions

The AhnLab SEcurity intelligence Center (ASEC) has released a detailed analysis of a sophisticated cyber…

1 hour ago

New Obfuscation Trick Lets Attackers Evade Antivirus and EDR Tools

Researchers have unveiled a sophisticated new technique that allows attackers to bypass traditional Antivirus (AV)…

1 hour ago

Chinese Hackers Leverage Reverse SSH Tool in New Wave of Attacks on Organizations

The Chinese hacker group known as Billbug, or Lotus Blossom, targeted high-profile organizations across Southeast…

2 hours ago

Linux 6.15-rc3 Released With Key Kernel Bug Fixes

Linus Torvalds announced the release of Linux 6.15-rc3, delivering a fresh batch of bug fixes…

2 hours ago

Hackers Abuse Zoom’s Remote Control to Access Users’ Computers

A newly uncovered hacking campaign is targeting business leaders and cryptocurrency firms by abusing Zoom’s…

3 hours ago

Speedify VPN Vulnerability on macOS Exposes Users to System Takeover

A major security flaw in the Speedify VPN application for macOS, tracked as CVE-2025-25364, has exposed…

3 hours ago