A family of malware called Tizi caught the attention of the Google Play security team this week after it was discovered to have created backdoor access on infected devices and allowed attackers to spy on communications.
The malicious software continued to spread online through social media posts advertising apps that are laced with Tizi. While no malware is good, Tizi is a particularly invasive breed. Once a smartphone or tablet running Android is infected by the malware, Tizi can gain root access to the device, which allows it to steal sensitive data from the victim. Unfortunately, Tizi is not the only attack looming nor the only strand of malware capable of the type of unauthorized monitoring that Tizi is capable of performing.
Android as an operating system has been lousy with malware in recent years and while Google has done its part to help crack down on attacks—especially those that appear in the Google Play Store, the company’s official app marketplace—malware still looms large.
For Android owners who find themselves infected by Tizi, or any other form of malware, there are ways to rescue the device and return it to a clean state. Here’s what you should do if you find yourself infected with malware:
1. Stop Using The Infected Device
Before starting on the removal process, it’s best to stop using the infected device. Malware often can steal information and sensitive data or use a victim’s device to generate profit for the attackers. There’s no reason to feed the malicious software what it wants, so set the device aside if possible.
2. Start The Infected Device In Safe Mode
If the device is so essential that it cannot be temporarily turned off, use it in safe mode to minimize the effects of the attack. To do this, hold down the power button on the device. After a few second, a menu should appear with an option called “safe mode” or “emergency mode.” Choose the mode and allow the phone to reboot.
While in safe mode, no third-party apps will be able to operate on the device. That should include any malware that has been installed.
3. Identify The Malware
Getting rid of malware starts with finding it. Malicious software often finds its way onto an Android device while disguised as an app. To find the app, go to the Settings app—typically accompanied by a gear icon—on the device and find the Apps menu.
Scroll through the apps and find the one causing the problem. It will often be a recently installed app or one that doesn’t seem familiar at all. Malware of course doesn’t just label itself as malware so it will take some searching to find the culprit, but most malware can be identified with a little effort.
4. Uninstall The Malware
Once the problem app has been identified, select the app. Choose the “force close” option to shut down its operations if it is running. Then hit “Uninstall” to delete the app from the device.
In many cases, removing the app should be as simple as that. But for malware that has gained root access—which gives the malicious software administrative privileges on the device—the uninstall option may be disabled.
Luckily, there is still a way to remove the malware. Open the Settings app again and scroll to the Lock Screen and Security menu. The name may vary on different versions of Android, but in most instances it will contain the word “Security.” In the menu, search for the “Phone (Device) Administrators” section. If not present, look for “other security settings” and then look for the option in that menu.
Once in the “Administrators” menu, the user should be able to disable the malware’s administrative privileges and uninstall per the steps above.
5. Install Malware Protection
After going through the process of removing malware, most people are going to want to make sure they never have to undertake the effort again. While there is no sure-fire way to prevent malware from infecting a device, there are good precautions that can be taken. First and foremost, install some form of malware protection on the device.
There are dozens of antivirus applications for Android. According to the most recent tests run by the Independent IT-Security Institute, there are 13 apps that scored a perfect five out of five in protection. Those apps were also scored on usability and received varying scores, so research the options and device which one is right for you.
Once installed, run a scan with the antivirus app of your choice and allow it to scrub the device of any malware residue that may have been left behind and identify any threats that may have been missed.
Google recommends activating its Google Play Protect feature, which performs safety checks on apps to make sure they are not infected before being installed on a device and removes those that are already installed.
To enable Google Play Protect, open the Google Play Store, tap the menu and choose the Play Protect option. Make sure the “Scan device for security threats” option is turned on.
It’s also important to make sure a device is always up to date and running the latest version of Android. Operating system patches often fix security flaws and vulnerabilities. Attackers will target those recently patched flaws because they know many people don’t update right away. Stay up to date to avoid those threats.