Severity scale:  
  (71/100)

Tizi Android virus. How to remove? (Uninstall guide)

removal by Ugnius Kiguolis - - | Type: Malware
12

Tizi spyware targets Android OS users

Image of Tizi Android virus

Tizi Android virus is a spyware that is designed to track information from social media apps, record calls or audio, take pictures with an affected Android device, read and send SMS messages, get full access to the smartphone or tablet, send GPS location and perform many other dangerous activities.

This version of Android virus was detected in September 2017 by Google.[1] However, the further analysis of cyber threat revealed that it might have been active since 2015. According to the latest data, about 1,300 Android devices were infected with this spyware.

Google Play Protect[2] and Google Threat Analysis Group detected that malicious apps were available on Google Play Store and several third-party app download websites. Authors of the Tizi malware also created a fake site that promoted bogus programs and spread the link via social networks.

Tizi virus mostly aims at African computer users, including Kenya. Nigeria and Tanzania. However, several attacks were held in the United States and other countries in Europe or Asia. This Android backdoor can root the device and install spyware on the affected device.

Malware is designed to track information from social media apps, such as:

  • Facebook,
  • Twitter,
  • WhatsApp,
  • Viber,
  • Skype,
  • Linkedin,
  • Telegram.

After the attack, Tizi Android malware gets full access to the device and might steal information from previously mentioned social media apps, record calls and execute any other commands received from the Command and Control server.

Thus, if you suspect that your smartphone or tablet might be infected with spyware, you should run a full system scan with Reimage in order to remove Tizi malware. However, removal might not be as easy. This Android virus might make system modifications and prevent from using security software.

In this case, you might need to reboot to Safe Mode or even perform a factory reset first. These methods should disable the virus and allow performing automatic Tizi removal.

Tizi malware gets root access to the device exploiting system vulnerabilities

Malware targeted those Android users who use old or outdated versions of the mobile OS. In order to get root access, it exploits these vulnerabilities:

  • CVE-2012-4220,
  • CVE-2013-2596,
  • CVE-2013-2597,
  • CVE-2013-2595,
  • CVE-2013-2094,
  • CVE-2013-6282,
  • CVE-2014-3153,
  • CVE-2015-3636,
  • CVE-2015-1805.

However, it doesn’t mean that latest Android OS users are safe from the attack. If malware cannot get root access automatically, it asks a direct permission. The majority of users do not read what permissions the installed app asks for. Thus, without putting much thinking, people give the malicious app what it wants.

On the affected device Tizi virus establishes a connection to the Command and Control (C&C) server. It uses either HTTPS or MQTT messaging protocol to communicate with the developers and complete their commands.

Distribution methods of the mobile spyware

The Tizi malware was included in a bunch of malicious apps. While some of them were available on the official Google Play Store; others were available on third-party apps stores.

Currently, are known three package names that included Tizi:

  • com.press.nasa.com.tanofresh
  • com.dailyworkout.tizi
  • com.system.update.systemupdate

In order to avoid Tizi hijack or infiltration of another Android virus, mobile security experts from zondervirus.nl[3] recommend following these tips:

  • Check app permissions before installing them;
  • Install app and software updates;
  • Enable Google Play Protect;
  • Enable a secure lock screen;
  • Avoid downloading apps from the suspicious third-party store.

Even though malicious apps might get in Google Play store, chances to download spyware or malware from third-party stores are higher. Thus, you should stick to the official Android app store.

Removal of the Tizi Android malware

If you suspect that your smartphone or tablet was infected with this Android spyware, you have to run the system scan with a mobile antivirus and perform automatic Tizi removal. However, it might be malware removal software’s activity. In this case, you have to boot the device into Safe Mode.

Sometimes, booting to Safe Mode is also impossible. Then, users have to perform a factory reset in order to remove Tizi Android virus from the system. Keep in mind that only resetting mobile to the factory mode is not enough. Scanning the system with Reimage or another anti-malware is needed to wipe out spyware from your device.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Tizi Android virus you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Tizi Android virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
More information about this program can be found in Reimage review.
Press mentions on Reimage

About the author

Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Ugnius Kiguolis
About the company Esolutions

References