The Google Play Protect team said it identified a new strain of Android spyware called Tizi found inside several apps previously available via the Google Play marketplace. The recent discovery triggered a wider investigation by Google who said apps infected by the Tizi malware date back to 2015.
Recent samples of Tizi allowed an attacker to root a targeted device and steal sensitive data from apps such as Facebook, Twitter, WhatsApp, Viber, Skype, LinkedIn and Telegram. Specific geographies targeted were Kenya, Nigeria and Tanzania, Google said. A smaller number of victims resided in the United States, researchers said.