Google Deletes Malware That Can Track Android Phones

Amidst the many SMS tracking softwares that Google has discovered on its online app store, the company has recently found a dangerous malware that can also track online accounts including SMS and social media messages contained in some apps that are available in Play Store. The said malware typically targets Android phones whose users have previously installed the Pegasus software. Google has detailed that the said malware can be linked to the new start-up company Equus Technologies which is believed to be part of an Israeli surveillance network. This is due to the fact that its security team has discovered certain indicators contained in the malware’s program itself that pertains to the said company.

Google dubbed the said malware as Lipizzan which, according to its Android security team’s blog post, is a “sophisticated two stage spyware tool.” This malware can appear as a legitimate SMS tracking tool or any other legitimate app such as a sound recording app. Once installed the malware will root into the phone’s software and will begin gathering and monitoring data from other apps installed in the user’s phone such as Viber, WhatsApp, Gmail, Facebook, Skype and many more. The gathered data are then transmitted to the source of the said malware which is believed to be its developer.

The difference with this malware and legitimate SMS tracking tools is that the information or data gathered by this malware can be accessed by an unknown third party and not only those to which the said tool is linked to. Unlike legitimate apps on Google that can track SMS and other messages online, the Lipizzan malware may access not only messages and location data but can also attach itself to the apps installed in a user’s phone and gather personal information such as names, birth dates, names of family members, including social security numbers and passwords. These personal data can in turn be used against the account holder to commit crimes such as fraud and identity theft. These information can also be used for blackmail and threats. Due to such feature, Google has deemed the said malware to be dangerous and illegal which led to the company deciding to delete said malware from their Play Store.

Google is currently working on deleting the apps which it has determined to contain the said malware. The company has also helped users in removing the said malware from devices that have already been affected by it. Google has started investigating on the alleged developer and source of the said malware, Equus Technologies to confirm whether or not rumors of it being part of a complicated Israeli cyberarm network are indeed true. If such is proven, the company may be held liable for civil and criminal charges that may be instituted against them not only by Google but also by those who have been affected by the said malware. So far, the company has yet to respond to such allegations.