What is SpyDealer?
SpyDealer is an advanced Android malware that mainly impacts Asian users. It is designed to retreat data from 40 popular Android apps. Two of them are WhatsApp and Facebook. It is considered an advanced form of Android malware.
The name itself suggests that SpyDealer is used for spying purposes, such as recording phone calls, capturing screenshots. Its capability of controlling a device remotely via SMS, UDP and TCP communications make it even scarier.
How does it work?
SpyDealer takes over an infected device by using the commercial rooting app called 'Baidu Easy Root'. After that, it gains access to popular apps such as Viber, Skype and steals user's private messages. As mentioned earlier, SpyDealer can control the device remotely via UDP, TCP and SMS channels.
Once it infects the device, it easily collects all information such as phone numbers, contacts, accounts, SMS messages, phone call history, device's location, etc. SpyDealer can also answer incoming phone calls.
WeChat, Facebook, WhatsApp, Skype, Line, Viber, Tango, Telegram, Sina Weibo, Tencent Weibo, Android Native Browser, Firefox Browser, Oupeng Brower, NetEase Mail, Taobao, and Baidu Net Disk are just some of the apps that SpyDealer has an access to.
It can take control of the front and rear cameras to capture photos without a user's knowledge.
What is so special about SpyDealer?
SpyDealer, affects only the Android versions between 4.4 KitKat and 2.2 Froyo. This means that around 500 million Android devices are vulnerable to having sensitive data stolen if infected with this type of malware.
The creators of SpyDealer are still actively updating the malware. There are three versions of this malware currently in the wild, 1.9.1, 1.9.2 and 1.9.3. The most recent sample was created in May, 2017 while the oldest sample dates back to October, 2015.
As SpyDealer has complete control over the device, it can record calls, take photos and monitor the device's location.
How to prevent SpyDealer from infecting my phone?
You can get infected with SpyDealer by using compromised WiFi networks.
SpyDealer removal
If you are using Zemana Mobile Antivirus premium version (which comes with 15-days free trial), it will protect you by blocking hackers' attempts of hacking your phone. It automatically clasifies SpyDealer samples as malicious.
Due to its behavioural technology, it automatically blocks all kinds of suspicious acitivity or programs on your phone.
This way, you will keep your mobile device safe.
Zemana Mobile Antivirus as a SpyDealer removal tool
If you are looking for a solution that will help you detect and remove SpyDealer, try our Zemana Mobile Antivirus.
- STEP 1: Download Zemana Mobile Antivirus here.
- STEP 2: Press the "Full Scan" button.
- STEP 3: Waiting for the scanning process to finish (if at any point you wish to cancel the process, click on the ''Abort Scan'' button in the footer).
- STEP 4: Zemana Mobile Antivirus will notify you if any threats have been detected so you can remove them.