Dangerous new Wpeeper Android malware adds a backdoor to your phone to steal your data — how to stay safe


With so much sensitive personal and financial information on our phones these days, the last thing you’d want is for hackers to find a way to add a backdoor to your Android device. Well, a new Android malware strain does just that, and it lets hackers syphon off all sorts of valuable data.

As reported by BleepingComputer, a new Android backdoor malware named “Wpeeper” is currently making the rounds online. So far, it has been discovered on two unofficial app stores where it disguises itself as the Uptodown App Store which, as you may have guessed, is another third-party app store for the best Android phones.

According to a blog post from security researchers at Tencent’s XLab, the Wpeeper malware has already managed to infect thousands of devices. At this time though, little is known about the actual scale of the operation as well as what exactly the hackers behind this malware are using all of the data it collects for.

Due to its extensive set of advanced features, Wpeeper is certainly a new Android malware to keep an eye on. Here’s everything you need to know about this new mobile threat along with some tips and tricks on how you can stay safe from malicious apps containing malware.

A backdoor to your digital life

It’s very rare that one comes across a brand new malware strain, but Wpeeper appears to be just that: when XLab’s researchers analyzed a malicious app’s APK file, they discovered that it had zero detections on VirusTotal.

Another thing that sets this malware apart from other strains is that it uses compromised WordPress sites to further hide communication between infected devices and the command and control (C2) server operated by the hackers who created it. This may sound overly complicated, but it makes it harder for law enforcement to shut down the operation. Plus, disrupting the way in which data is exchanged between a single infected Android phone and the C2 server is also more difficult.

Once the Wpeeper malware makes its way onto an Android phone, most likely through a sideloaded malicious app, it can then retrieve information about the infected device, gather a list of all apps installed on it, download arbitrary files, retrieve info about specific files and directories on the device, download files and execute them, update the malware and even delete it outright to leave no trace it was ever there.

We’ll likely find more about the malware itself and what the hackers behind it are trying to achieve once more security researchers start looking into things. Until then though, there are still some steps you can take to avoid a Wpeeper infection.

How to stay safe from Android malware


In order to avoid coming down with a nasty malware infection on your Android phone, the first and simplest thing you can do is to avoid sideloading apps altogether. Sure, it may be convenient and some apps actually need to be sideloaded to work at all, but the majority of people will be able to find exactly what they’re looking for on first-party app stores like the Google Play Store, Samsung Galaxy Store or the Amazon Appstore.

The reason you don’t want to sideload apps is that they don’t go through the same rigorous security checks that apps hosted on official stores do. As a result, malware embedded in these apps could easily slip through the cracks.

From here, you’re going to want to make sure that you have Google Play Protect enabled on your Android smartphone. It comes pre-installed on most phones with the Play Store and it’s really useful for fighting off malware thanks to its ability to scan all of your existing apps and any new ones you download for viruses. Likewise, you can also install one of the best Android antivirus apps for additional protection and extra features to help keep you safer online.

As long as people keep sideloading apps and using third-party app stores, hackers will likely continue using both app installation methods as a means to spread dangerous malware. This is why it’s up to you to carefully scrutinize and check every app you install on your smartphone. It may be tedious to do so but this sure beats coming down with a nasty malware infection or letting hackers install a backdoor on your phone.
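
One way to check which apps on a phone were sideloaded is to look at the installer Android records for each package. The script below is an added example, not part of the original article: it reads the output of `pm list packages -i -3` and lists every user-installed app that did not come from the Google Play Store, Samsung Galaxy Store or Amazon Appstore. The sample listing and its package names are constructed for illustration, and a flagged app is a prompt for a closer look rather than proof of malware.

```shell
#!/bin/sh
# Added example: flag user-installed Android packages whose recorded installer
# is not one of the first-party stores named in the article.

# Installer package names for Google Play, Samsung Galaxy Store, Amazon Appstore.
TRUSTED_INSTALLERS="com.android.vending com.sec.android.app.samsungapps com.amazon.venezia"

# Reads `pm list packages -i -3` output on stdin and prints "package installer"
# for every package that was not installed by a trusted store.
flag_sideloaded() {
    awk -v trusted="$TRUSTED_INSTALLERS" '
        BEGIN { n = split(trusted, t, " "); for (i = 1; i <= n; i++) ok[t[i]] = 1 }
        /^package:/ {
            pkg = $1; sub(/^package:/, "", pkg)
            inst = "unknown"   # used when the line carries no installer field
            for (i = 2; i <= NF; i++)
                if ($i ~ /^installer=/) { inst = $i; sub(/^installer=/, "", inst) }
            if (!(inst in ok)) print pkg, inst
        }'
}

# Constructed sample listing (package names are made up for illustration).
sample_listing() {
    cat <<'EOF'
package:com.example.notes  installer=com.android.vending
package:com.example.store.clone  installer=null
package:com.example.game  installer=com.sec.android.app.samsungapps
package:com.example.reader  installer=com.amazon.venezia
package:com.example.tool  installer=com.google.android.packageinstaller
EOF
}

# On a real device with USB debugging enabled:
#   adb shell pm list packages -i -3 | tr -d '\r' | flag_sideloaded
if [ "${1:-}" = "--demo" ]; then
    sample_listing | flag_sideloaded
fi
```

An installer of `null` or a system package installer means the APK was installed by hand or by an app outside the three stores, which is the installation path the article warns about.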

Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 
