UPDATED 22:44 EST / JULY 27 2017

Newly detected Android spyware linked to Israeli ‘cyberwarfare’ group

Google Inc. has shut down a newly discovered form of Android spyware linked to an Israeli company that specializes in “cyberwarfare.”

Called “Lipizzan,” the spyware was found to be bundled with 20 apps and is claimed to exfiltrate a user’s email, SMS messages, location, voice calls and media. In a blog post, the Google Android team said that they believe that the spyware and apps were “distributed in a targeted fashion to fewer than 100 devices in total” and that the recently launched Google Play Protect has notified all affected devices and removed the Lipizzan apps.

The spyware was deployed to targets in two stages. The first stage was distributed “through several channels, including Google Play,” with the apps pretending to offer legitimate services. Once installed, the Lipizzan-infected apps downloaded and ran a “license verification” stage which resulted in the Android device being completely compromised.

Spyware and malware are hardly news in 2017, but where Lipizzan gets interesting is that the Android team named Equus Technologies as the author. According to the company’s LinkedIn page, the Israeli firm is “a privately held company specializing in the development of tailor made innovative solutions for law enforcement, intelligence agencies, and national security organizations.”

This isn’t the first time spyware from companies such as Equus Technologies has been discovered. The Google Android team previously detected “Chrysaor,” a similar form of spyware attributed to the somewhat infamous NSO Group. NSO Group, another Israeli company that specializes in government-level spying, was linked in February to a spyware campaign used by the Mexican government.

As always, users are advised to practice safe Internet: Don’t download apps outside of the Google Play Store and have antivirus software installed. In addition, Google advises users to ensure they have opted into Google Play Protect.

Image: Etamme/Wikimedia Commons
