Dangerous new Wpeeper Android malware adds a backdoor to your phone to steal your data — how to stay safe

With so much sensitive personal and financial information on our phones these days, the last thing you’d want is for hackers to find a way to add a backdoor to your Android device. Well, a new Android malware strain does just that, and it lets hackers syphon off all sorts of valuable data.

As reported by BleepingComputer, a new Android backdoor malware named “Wpeeper” is currently making the rounds online. So far, it has been discovered on two unofficial app stores where it disguises itself as the Uptodown App Store which, as you may have guessed, is another third-party app store for the best Android phones.

According to a blog post from security researchers at Tencent’s XLab, the Wpeeper malware has already managed to infect thousands of devices. At this time though, little is known about the actual scale of the operation as well as what exactly the hackers behind this malware are using all of the data it collects for.

Due to its extensive set of advanced features, Wpeeper is certainly a new Android malware to keep an eye on. Here’s everything you need to know about this new mobile threat along with some tips and tricks on how you can stay safe from malicious apps containing malware.

A backdoor to your digital life

It’s very rare that one comes across a brand new malware strain, but Wpeeper appears to be just that: when XLab’s researchers analyzed a malicious app’s APK file, they discovered that it had zero detections on VirusTotal.

Another thing that sets this malware apart from other strains is that it uses compromised WordPress sites to further hide communication between infected devices and the command and control (C2) server operated by the hackers who created it. This may sound overly complicated, but it makes it harder for law enforcement to shut down the operation. Plus, disrupting the way in which data is exchanged between a single infected Android phone and the C2 server is also more difficult.

Once the Wpeeper malware makes its way onto an Android phone, most likely through a sideloaded malicious app, it can then retrieve information about the infected device, gather a list of all apps installed on it, download arbitrary files, retrieve info about specific files and directories on the device, download files and execute them, update the malware and even delete it outright to leave no trace it was ever there.

We’ll likely find out more about the malware itself and what the hackers behind it are trying to achieve once more security researchers start looking into things. Until then though, there are still some steps you can take to avoid a Wpeeper infection.

How to stay safe from Android malware

In order to avoid coming down with a nasty malware infection on your Android phone, the first and simplest thing you can do is to avoid sideloading apps altogether. Sure, it may be convenient and some apps actually need to be sideloaded to work at all, but the majority of people will be able to find exactly what they’re looking for on first-party app stores like the Google Play Store, Samsung Galaxy Store or the Amazon Appstore.

The reason you don’t want to sideload apps is that they don’t go through the same rigorous security checks that apps hosted on official stores do. As a result, malware embedded in these apps could easily slip through the cracks.

From here, you’re going to want to make sure that you have Google Play Protect enabled on your Android smartphone. It comes pre-installed on most phones with the Play Store and it’s really useful for fighting off malware thanks to its ability to scan all of your existing apps and any new ones you download for viruses. Likewise, you can also install one of the best Android antivirus apps for additional protection and extra features to help keep you safer online.

As long as people keep sideloading apps and using third-party app stores, hackers will likely continue using both app installation methods as a means to spread dangerous malware. This is why it’s up to you to carefully scrutinize and check every app you install on your smartphone. It may be tedious to do so but this sure beats coming down with a nasty malware infection or letting hackers install a backdoor on your phone.

Anthony Spadafora
Managing Editor Security and Home Office