Kaspersky warns of Android malwares capable of jeopardizing user privacy and security

Three new dangerous Android malware variants have been analyzed by Kaspersky researchers.

The Tambir, Dwphon, and Gigabud malicious programs exhibit diverse features, ranging from downloading other programs and credential theft to bypassing two-factor authentication and screen recording, jeopardizing user privacy and security.

In 2023, Kaspersky solutions blocked nearly 33.8 million attacks on mobile devices from malware, adware, and riskware, highlighting a 50% global increase of such attacks from the previous year’s figures.

Android malware and riskware activity surged in 2023 after two years of relative calm, returning to early 2021 levels by the end of the year.

Last year Kaspersky detected more than 1.3 million unique malicious installation packages targeting the Android platform and distributed in various ways. Among these were Tambir, Dwphon and Gigabud malicious programs with the diverse features..

Tambir is a spyware application disguised as an IPTV app. It collects sensitive user information, such as SMS messages and keystrokes, after obtaining the appropriate permissions.

Gigabud, active since mid-2022, was initially focused on stealing banking credentials from users in Southeast Asia, but later crossed borders into other countries and regions. It has since evolved into a fake loan malware and is capable of screen recording and mimicking tapping by users to bypass two-factor authentication.

Dwphon, discovered in November 2023, targets cellphones from Chinese OEM manufacturers, primarily targeting the Russian market. The same malware earlier had been found in the firmware of a kids’ smart watch by an Israeli manufacturer distributed mainly in Europe and the Middle East. Dwphon is capable of downloading, installing and deleting other applications on the device.

Read More: Phishing attacks grow by 40% in 2023, Kaspersky reports

“Users should exercise caution and should avoid downloading apps from unofficial sources, meticulously reviewing app permissions. Frequently, these apps lack exploitation functionality and depend solely on permissions granted by the user. Furthermore, using anti-malware tools can help preserve the integrity of your Android device,” comments Hafeez Rahman, Technical group manager at Kaspersky.

Read the full reports on new Android malware and 2023 mobile malware on Securelist.com.

To protect your Android device, it’s safer to download your apps only from official stores like Google Play. Apps from this market are not 100 % secure, but at least they are checked by shop representatives. A reliable security solution helps you detect malicious apps and adware before they start behaving badly on your devices. Conveniently, you can get protection, like Kaspersky Premium, directly from mobile operators.