With so much sensitive information, including personal and financial data, on cell phones these days, the last thing you want is for hackers to put a backdoor in your Android device. Well, a new strain of Android malware does just that, letting hackers siphon off all sorts of valuable data.

As reported by BleepingComptuer, a new Android backdoor malware named "Wpeeper" is currently making the rounds online. So far, the malware has been found in two unofficial app stores, posing as the Uptodown app store.

According to a blog post by a security researcher at Tencent's XLab, the Wpeeper malware has already successfully infected thousands of devices. At this point, however, little is known about the actual scale of what the hackers behind the malware are using all the data it collects for.

With its extensive and advanced features, Wpeeper is certainly a new Android malware to keep an eye on. Here is everything you need to know about this new mobile threat, as well as tips and tricks to protect yourself from malicious apps, including malware.

However, Wpeeper appears to be just that, as XLab researchers analyzed within the APK files of the malicious app and found zero detections in VirusTotal.

Another way this malware differs from other strains is that it uses a compromised WordPress site to further hide communications between the infected device and the command-and-control (C2) server operated by the hackers who created it. This may sound complicated, but it makes it difficult for law enforcement to stop the activity. It also makes it more difficult to disrupt the way data is exchanged between a single infected Android phone and the C2 server. [Once the Wpeeper malware infiltrates an Android device (perhaps via a side-loaded malicious app), it can obtain information about the infected device, gather a list of all apps installed on the device, download arbitrary files, and download specific information about files and directories, download and execute files, update malware, and even delete malware completely, leaving no traces.

More will be known about the malware itself and what the hackers behind it are up to as security researchers begin to do more research. Until then, however, there are steps that can be taken to avoid Wpeeper infection.

The first and easiest thing you can do to avoid getting infected with nasty malware on your Android phone is to avoid sideloading apps altogether. While it may indeed be convenient, and some apps actually work at all without sideloading, the vast majority of people will be able to find exactly what they are looking for in first-party app stores such as the Google Play Store, Samsung Galaxy Store, Amazon Appstore, etc. They will be able to.

The reason you want to avoid sideloading apps is that they do not undergo the same rigorous security checks as apps hosted on official stores. As a result, malware embedded in these apps could easily slip through the cracks.

From here, you will want to make sure that Google Play Protect is enabled on your Android smartphone. This is pre-installed on most phones along with the Play Store and is really useful for fighting off malware, thanks to its ability to scan all existing apps and new apps you download for viruses. Likewise, you can also install one of the best Android antivirus apps for added protection and additional features to help keep you safer online.

As long as people continue to side-load apps and use third-party app stores, hackers will continue to use the app installation method as a means to spread dangerous malware. Therefore, you need to carefully scrutinize and check the applications you install on your smartphone. It may be tedious, but it is better than being infected with malware or having a backdoor installed by hackers.