Over 20 Android Apps Found with Dangerous Spywares that secretly spy on people through their phones. Have been exposed by cyber-security experts.
MORE than 20 apps that secretly spy on people through their phones have been exposed by cyber-security experts.
That's because they're loaded with PhoneSpy, a piece of software that snoops on people on the sly, researchers from Zimperium report. In a blog post published last week, the US security firm revealed that more than 1,000 Android users have been infected with the newly discovered malware.
This spyware may be targeting your Android phone and trying to steal your personal data, researchers have found. PhoneSpy is a new spyware campaign that has most South Korean users of Android devices in clutches right now, but it will only be a matter of time till it spreads elsewhere. Researchers have noted that this spyware does not leverage existing vulnerabilities of a device but hides in plain sight on it by posing as a legitimate app, such as one for yoga instructions or streaming videos.
The biggest risk that PhoneSpy could be posing to your Android phone is by stealthily uninstalling mobile security apps, researchers at mobile security firm Zimperium have discovered. PhoneSpy was found hiding inside as many as 23 apps that look benign and genuine, much like any other legitimate Android app. But it can do more harm than just stealing the identity of Android apps. Researchers said PhoneSpy can access the camera of the phone it has targeted and use it to take photos and record videos in real time without the user's knowledge. These photos and videos could be a way to commit personal or corporate blackmail, but they can also be used to commit cyber-espionage.
That is scary as it is, but users can stay alert by noticing some unusual instances when they have mistakenly downloaded PhoneSpy-infected apps. These apps ask for excessive on-device permissions and that should be a red flag for you. But if you miss noticing that and give these apps the permissions they ask for, you would be allowing PhoneSpy to control and hide itself from your phone’s app menu and track you in the background. Since the apps are not visible in the app menu, users cannot interrupt PhoneSpy’s stealing process, Zimperium’s Richard Melick told TechCrunch. PhoneSpy has apparently still not made its way to the Google Play Store. Neither was it found inside other app marketplaces on Android. But, according to researchers, spyware is spreading to phones through distribution methods based on web traffic redirection or social engineering. Simply put, these are different tactics that attackers use to lure people into performing certain actions for a reward, but victims end up downloading phony apps. There are also high chances victims will hand over their personal and confidential data while completing these actions.
Right now the headcount of victims stands at 1,000, but all of them are in South Korea, according to Zimperium. But who knows when it will spread and start claiming more innocent Android phone users? Since PhoneSpy belongs to the category of spyware that masquerades as legitimate apps, it is very hard to track it. It also shares similarities with previously-discovered spyware and Stalkerware programs, which, according to researchers, could be a way to compile and combine different features from different programs by attackers. Using off-the-shelf codes makes it easy to hide the identity of the spyware. Zimperium claims to have told off authorities in South Korea and the US, but the spyware is as active and spreading fast. So, keep away from suspicious apps if you do not want your data to be stolen for all nefarious reasons.
Here’s what a PhoneSpy app can do to your phone:
*Steal complete list of the installed applications
*Steal credentials using phishing
*Steal images
*Monitoring the GPS location
*Steal SMS messages
*Steal call logs
*Record audio in real-time
*Steal phone contacts
*Record video in real-time using front & rear cameras
*Access camera to take photos using front & rear cameras
*Send SMS to attacker-controlled phone number with attacker-controlled text
*Exfiltrate device information (IMEI, Brand, device name, Android version)
*Conceal its presence by hiding the icon from the device’s drawer/menu
-------------------------------------------------------
Comments