Security experts from Symantec reported on a new malware sample for Android that is able to avoid antivirus detection. The malware called Android.Spywaller collects important personal data from users and sends the information on the servers of the creators of the malware.
When infected with system Android.Spywaller is embedded in the memory of your smartphone or tablet and it is displayed under the app “Google Service”. He tries to get root access and if successful, starts the collection of personal data in the background.
A distinctive feature of this malware is to use mobile firewall DroidWall to prevent detection by antivirus SOFTWARE. Android.Spywaller scans the system for the presence of popular Chinese anti-virus Qihoo 360, and then blocks the unique ID of the program using DroidWall.
As noted by Securitylab, Android.Spywaller intercepts and sends the malicious data about call logs, SMS, location, and browsing history, emails, images and contacts of the victim. In addition, information is collected from popular messengers including WhatsApp, BlackBerry Messenger, Skype, Oovoo, QQ, SinaWeibo,Talkbox, Voxer, and Wechat Zello.
The malware targets the users of Android devices with root privileges, which simplifies the process of installing malware. The company said that in the case of a suspected malware, users should manually remove the program.