Kaspersky researchers have analyzed three new dangerous variants of Android malware. Tambir, Dwphon, and Gigabud malware exhibit various functions, from downloading other programs and stealing credentials to bypassing two-factor authentication and screen recording, which compromises users’ privacy and security.
In 2023, Kaspersky solutions blocked nearly 33.8 million malware, adware and risky software attacks on mobile devices, representing a 50% increase worldwide over the previous year. Malware and malware activity for Android increased in 2023 after two years of relative calm, returning to the level of early 2021 by the end of the year. Last year, Kaspersky detected more than 1.3 million unique malicious installer packages targeting the Android platform and distributed in different ways. Among them were malicious programs Tambir, Dwphon and Gigabud with different functions.
Tambir is a spyware application disguised as an IPTV application. Once authorized, it collects sensitive user information such as text messages and keystrokes.
Active since mid-2022, Gigabud initially focused on stealing banking credentials from users in Southeast Asia, but later crossed borders to other countries and regions. It has since evolved into fake credit malware and is capable of screen recording and mimicking users’ taps to bypass two-factor authentication.
Discovered in November 2023, Dwphon focuses on mobile phones from Chinese OEMs, primarily targeting the Russian market. The same malware was previously found in the firmware of children’s smartwatches from an Israeli manufacturer distributed mainly in Europe and the Middle East. Dwphon is able to download, install and remove other applications on the device.
“Users should exercise caution and avoid downloading apps from unofficial sources and carefully check app permissions. These applications often lack exploit functionality and rely only on permissions granted by the user. In addition, using anti-malware tools can help preserve the integrity of your Android device,” comments Hafeez Rahman, Technical Group Manager at Kaspersky.
Read the full 2023 new Android malware and mobile malware reports at Securelist.com.
To protect your Android device, it is safer to download apps only from official stores like Google Play. Apps from this market are not 100% safe, but at least they are checked by store representatives. A reliable security solution helps you detect malicious apps and adware before they start misbehaving on your devices. You can conveniently get protection like Kaspersky Premium directly from mobile operators.