Severity scale:  

Remove Tizi Android virus (Simple Removal Guide) - Tutorial

removal by Ugnius Kiguolis - - | Type: Malware

Tizi spyware targets Android OS users

Image of Tizi Android virus

Tizi Android virus is a spyware that is designed to track information from social media apps, record calls or audio, take pictures with an affected Android device, read and send SMS messages, get full access to the smartphone or tablet, send GPS location and perform many other dangerous activities.

This version of Android virus was detected in September 2017 by Google.[1] However, the further analysis of cyber threat revealed that it might have been active since 2015. According to the latest data, about 1,300 Android devices were infected with this spyware.

Google Play Protect[2] and Google Threat Analysis Group detected that malicious apps were available on Google Play Store and several third-party app download websites. Authors of the Tizi malware also created a fake site that promoted bogus programs and spread the link via social networks.

Tizi virus mostly aims at African computer users, including Kenya. Nigeria and Tanzania. However, several attacks were held in the United States and other countries in Europe or Asia. This Android backdoor can root the device and install spyware on the affected device.

Malware is designed to track information from social media apps, such as:

  • Facebook,
  • Twitter,
  • WhatsApp,
  • Viber,
  • Skype,
  • Linkedin,
  • Telegram.

After the attack, Tizi Android malware gets full access to the device and might steal information from previously mentioned social media apps, record calls and execute any other commands received from the Command and Control server.

Thus, if you suspect that your smartphone or tablet might be infected with spyware, you should run a full system scan with Reimage Reimage Cleaner Intego in order to remove Tizi malware. However, removal might not be as easy. This Android virus might make system modifications and prevent from using security software.

In this case, you might need to reboot to Safe Mode or even perform a factory reset first. These methods should disable the virus and allow performing automatic Tizi removal.

Tizi malware gets root access to the device exploiting system vulnerabilities

Malware targeted those Android users who use old or outdated versions of the mobile OS. In order to get root access, it exploits these vulnerabilities:

  • CVE-2012-4220,
  • CVE-2013-2596,
  • CVE-2013-2597,
  • CVE-2013-2595,
  • CVE-2013-2094,
  • CVE-2013-6282,
  • CVE-2014-3153,
  • CVE-2015-3636,
  • CVE-2015-1805.

However, it doesn’t mean that latest Android OS users are safe from the attack. If malware cannot get root access automatically, it asks a direct permission. The majority of users do not read what permissions the installed app asks for. Thus, without putting much thinking, people give the malicious app what it wants.

On the affected device Tizi virus establishes a connection to the Command and Control (C&C) server. It uses either HTTPS or MQTT messaging protocol to communicate with the developers and complete their commands.

Questions about Tizi Android virus

Picture of Tizi malwareTizi is an Android spyware that mostly tries to steal personal information from users in Africa.

Distribution methods of the mobile spyware

The Tizi malware was included in a bunch of malicious apps. While some of them were available on the official Google Play Store; others were available on third-party apps stores.

Currently, are known three package names that included Tizi:

  • com.dailyworkout.tizi
  • com.system.update.systemupdate

In order to avoid Tizi hijack or infiltration of another Android virus, mobile security experts from[3] recommend following these tips:

  • Check app permissions before installing them;
  • Install app and software updates;
  • Enable Google Play Protect;
  • Enable a secure lock screen;
  • Avoid downloading apps from the suspicious third-party store.

Even though malicious apps might get in Google Play store, chances to download spyware or malware from third-party stores are higher. Thus, you should stick to the official Android app store.

Removal of the Tizi Android malware

If you suspect that your smartphone or tablet was infected with this Android spyware, you have to run the system scan with a mobile antivirus and perform automatic Tizi removal. However, it might be malware removal software’s activity. In this case, you have to boot the device into Safe Mode.

Sometimes, booting to Safe Mode is also impossible. Then, users have to perform a factory reset in order to remove Tizi Android virus from the system. Keep in mind that only resetting mobile to the factory mode is not enough. Scanning the system with Reimage Reimage Cleaner Intego or another anti-malware is needed to wipe out spyware from your device.

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

Do not let government spy on you

The government has many issues in regards to tracking users' data and spying on citizens, so you should take this into consideration and learn more about shady information gathering practices. Avoid any unwanted government tracking or spying by going totally anonymous on the internet. 

You can choose a different location when you go online and access any material you want without particular content restrictions. You can easily enjoy internet connection without any risks of being hacked by using Private Internet Access VPN.

Control the information that can be accessed by government any other unwanted party and surf online without being spied on. Even if you are not involved in illegal activities or trust your selection of services, platforms, be suspicious for your own security and take precautionary measures by using the VPN service.

Backup files for the later use, in case of the malware attack

Computer users can suffer various losses due to cyber infections or their own faulty doings. Software issues created by malware or direct data loss due to encryption can lead to problems with your device or permanent damage. When you have proper up-to-date backups, you can easily recover after such an incident and get back to work.

It is crucial to create updates to your backups after any changes on the device, so you can get back to the point you were working on when malware changes anything or issues with the device causes data or performance corruption. Rely on such behavior and make file backup your daily or weekly habit.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware occurs out of nowhere. Use Data Recovery Pro for the system restoring purpose.

About the author
Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Ugnius Kiguolis
About the company Esolutions


Your opinion regarding Tizi Android virus