Google Detects Tizi Android Spyware Spying on Sosmed and Messaging Apps - CyberNews404


CyberNews404 - Found on devices targeted in African countries, Tizi is a fully featured Android backdoor with rooting capabilities that installs spyware apps on victim devices to steal sensitive data from popular social media and messaging apps like Facebook, Twitter, WhatsApp, Viber, Skype, LinkedIn, and Telegram.

"The Google Play Protect security team found this family in September 2017 when the scanner tool found an application with rooting capabilities that exploited an old vulnerability," Google said in a blog post. "The team used this app to find more application variants of the Tizi family, the oldest being from October 2015."

Most Tizi-infected apps are advertised on social media sites and 3rd-party app stores, tricking users into installing them.

Once installed, the innocent-looking application gains root access on the infected device to install spyware, which then contacts its command-and-control server by sending SMS text messages, along with the device's GPS coordinates, to specific numbers.

Here's How Tizi Gets Root Access On Infected Devices
To gain root access, the backdoor exploits previously disclosed vulnerabilities in older chipsets, devices, and versions of Android, including CVE-2012-4220, CVE-2013-2596, CVE-2013-2597, CVE-2013-2595, CVE-2013-2094, CVE-2013-6282, CVE-2014-3153, CVE-2015-3636, and CVE-2015-1805.

If the backdoor cannot gain root access on the infected device because all of the listed vulnerabilities are patched, "the backdoor will still try to take some action through the high permission level, asking the user to provide it, especially around reading and sending SMS messages and monitoring, diverting, and preventing outgoing phone calls," Google said.

Tizi is also designed to communicate with its command-and-control server over regular HTTPS or the MQTT messaging protocol, both to receive commands from the attackers and to upload stolen data.

The backdoor contains various capabilities common to commercial spyware, such as:

  • Stealing data from popular social media and messaging platforms, including Facebook, Twitter, WhatsApp, Viber, Skype, LinkedIn, and Telegram.
  • Record calls from WhatsApp, Viber, and Skype.
  • Send and receive SMS messages.
  • Access calendar events, call logs, contacts, photos, and a list of installed apps.
  • Steal Wi-Fi encryption keys.
  • Record ambient audio and take pictures without displaying images on the screen of the device.
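
The permission-based fallback Google describes and the capability list above both surface as requested permissions, so a decoded AndroidManifest.xml can be triaged for that combination. This is an added example, not code from the article or from Google's analysis; the capability-to-permission mapping, the threshold, and the sample manifests are constructed assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Article capability -> standard Android permissions that gate it.
# Assumed mapping for this example; it is not Tizi's actual manifest.
CAPABILITY_PERMS = {
    "read/send SMS": {"READ_SMS", "SEND_SMS", "RECEIVE_SMS"},
    "monitor/divert outgoing calls": {"PROCESS_OUTGOING_CALLS"},
    "call logs and contacts": {"READ_CALL_LOG", "READ_CONTACTS"},
    "calendar events": {"READ_CALENDAR"},
    "ambient audio": {"RECORD_AUDIO"},
    "pictures": {"CAMERA"},
    "GPS coordinates": {"ACCESS_FINE_LOCATION"},
}

def requested_permissions(manifest_xml):
    """Return the short names of android.permission.* entries in a decoded manifest."""
    if "<!DOCTYPE" in manifest_xml:  # real manifests carry no DTD; refuse entity tricks
        raise ValueError("unexpected DOCTYPE in manifest")
    root = ET.fromstring(manifest_xml)
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for el in root.iter(tag):
            name = el.get(ANDROID_NS + "name", "")
            if name.startswith("android.permission."):
                perms.add(name.rsplit(".", 1)[1])
    return perms

def triage(manifest_xml, threshold=4):
    """Flag apps that pair SMS access with outgoing-call interception and
    also request at least `threshold` of the capability groups overall."""
    perms = requested_permissions(manifest_xml)
    hits = {cap: sorted(perms & need) for cap, need in CAPABILITY_PERMS.items() if perms & need}
    core = "read/send SMS" in hits and "monitor/divert outgoing calls" in hits
    return {"capabilities": hits, "flag": core and len(hits) >= threshold}

def make_manifest(perms):
    """Build a constructed sample manifest (stands in for apktool-decoded XML)."""
    body = "".join('<uses-permission android:name="android.permission.%s"/>' % p for p in perms)
    return '<manifest xmlns:android="http://schemas.android.com/apk/res/android">%s</manifest>' % body

SUSPECT = make_manifest(["INTERNET", "READ_SMS", "SEND_SMS", "PROCESS_OUTGOING_CALLS",
                         "RECORD_AUDIO", "CAMERA", "ACCESS_FINE_LOCATION"])
BENIGN = make_manifest(["INTERNET", "ACCESS_FINE_LOCATION"])

if __name__ == "__main__":
    for label, xml in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, triage(xml))
```

A flag here is a triage signal for manual review, since legitimate dialer and messaging apps request some of the same permissions.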


So far Google has identified 1,300 Android devices infected by Tizi and removed the spyware from them.

The majority of infected devices are in African countries, especially Kenya, Nigeria, and Tanzania.
