This Android malware spies on you, identified with 23 apps
The PhoneSpy malware is destroying privacy on Android devices and has been identified with 23 apps so far. Here's what you need to do.
In the latest episode of Android malware attacks, a spyware has been found infecting devices across the US the Korean markets. Called the PhoneSpy, this malware has been found infecting 23 Android apps but thankfully, none of them are associated with any of the apps available on the Google Play Store.
“Unlike other spyware campaigns we have covered that take advantage of vulnerabilities on the device, PhoneSpy hides in plain sight, disguising itself as a regular application with purposes ranging from learning Yoga to watching TV and videos, or browsing photos,” says Zimperium, who reported the malware.
Android spyware out in the wild
However, the spyware is able to steal crucial data, including messages, images and even offering remote control of the device.
“The data stolen from victim devices ranged from personal photos to corporate communications. The victims were broadcasting their private information to the malicious actors with zero indication that something was amiss,” says Zimperium.
Here's what the malware can do:
- Complete list of the installed applications
- Steal credentials using phishing
- Steal images
- Monitoring the GPS location
- Steal SMS messages
- Steal phone contacts
- Steal call logs
- Record audio in real-time
- Record video in real-time using front & rear cameras
- Access camera to take photos using front & rear cameras
- Send SMS to attacker-controlled phone number with attacker-controlled text
- Exfiltrate device information (IMEI, Brand, device name, Android version)
- Conceal its presence by hiding the icon from the device's drawer/menu
“The application is capable of uninstalling any user-installed applications, including mobile security apps. The device's precise location is available in real-time to the malicious actors, all without the victim knowing. The spyware also enables the threat actor to use phishing pages for harvesting credentials of Facebook, Instagram, Google, and Kakao Talk,” says the post.
How to stay safe from this malware?
The malware is mostly spreading on Android devices in Korean and US markets as of now. If you are using an Android device, this is what you need to keep in mind.
-Avoid downloading and installing apps from untrusted third-party app stores. It is advisable to stick to Google Play Store for downloading all your apps.
-Never click on any suspicious link sent via SMS messages and emails.
Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.