In the past, there are sources indicating scary Android malwares creating a security hole on the phones and devices.

Recently, blogger, Szymon Sidor, former Googler and current software engineer turned accidental security researcher writes on his blog, Snacks for your mind, revealing that some simple code can force an Android phone to capture pictures in secret. These secret images can then be uploaded in a remote server and the device owner will never ever know about it.

It is a huge security hole in Android and the worst part is that users are unaware of the fact that somebody is secretly spying on them and capturing photos so that it can be uploaded.

In addition while creating an app, Sidor also says that there are many apps on Play Store (for iPhone, its App store) that aim at taking pictures without any visual indication such as ACLU-NJ Police Tape, Mobile Hidden Camera and more but all of these require app activity to be visible and phone screen to be switched on. And some of them manage to record video without visible preview.

As per the blog, Sidor was able to create an app that will get around Android's requirement and displays a preview on the device's screen when the photo is captured. Before he manages to get there, he found a loophole. The app still displays a preview while capturing photos but it is only displayed on one single pixel, which means, it is invisible Since the smartphones display screen have so many pixels, with one light up on a full HD display having more than two million pixels, it is impossible for users to notice, whether the screen is on or off.

There are no specific steps to remove such malwares but users can avoid getting attacked by such attacks.

1. Pay attention to permissions

2. Keep Google Account secure: If somebody can access a Google account then it is easy to install all apps on the phone without approving. To avoid such a case it is important to set up two step verification, changing password frequently with a secure password.

3. Uninstall unused apps

4. High battery consumption and high bandwidth are the main culprits

5. Avoid any services that are running at the background.

6. Swiping app out of application list does not switch off background services, it is necessary to completely switch it off. This can be done by going to the App Info, long press app icon inside menu and drag it to app info section and click force stop. It will ensure that no background services are running.