The Tordow malware will take over phones, steal info and more.
Tordow is a shorter, more polite name name for Trojan-Banker.AndroidOS.Tordow.a which is seeing wide distribution. This malware is by no means new, having first been identified in February of this year, but it is growing.
The infection seems to be growing due to infected versions of such popular apps as Pokémon Go, Telegram, Subway Surfer and more. These apps have been repackaged with the malware hidden away inside, and once installed, the malware is triggered and goes about it’s business. And what a business it is.
The malware will initially gain root access to the phone, and once doing so, the malware has full control of the user’s device. It can then steal contacts, make phone calls, send, steal and delete SMS messages. Tordow can also download and run additional aps on the phone, rename files, and upload files from the phone to the malware operator’s servers. What files is it sending? Browser history and passwords, as well as the user’s photos from the device.
As always, Android users need to show care when choosing apps to download. In this case, these apps are malware riddled versions of very popular apps, loaded on third party appstores. But we do know that malware has made it in to the Google Play Store. Ensure that the developer developer name is correct when downloading apps, and check the reviews.
This is a good time to remember that BlackBerry Android has yet to be rooted. Aren’t you glad you chose BlackBerry?