Dangerous form of Android spyware found in more than 1,000 apps

More than 1,000 apps infected with a malevolent strain of spyware have been available in Android marketplaces since February – even in the Google Play Store.

SonicSpy – which was discovered by San Francisco-based mobile security firm Lookout – can take photos, send text messages, track and record phone calls, spy on Wi-Fi access points and more. The spyware likely originated in Iraq and was created by the same hackers behind SpyNote, detected by Palo Alto Networks last year.

SonicSpy was found inside messaging app Soniac, which was downloaded thousands of times by Android device users.

“While Soniac does provide this functionality through a customized version of the communications app Telegram, it also contains malicious capabilities that provide an attacker with significant control over a target device,” Lookout said last week.

Various versions of the spyware can carry out 73 different functions.

Once downloaded, the malware removes its icon from the smartphone’s menu. Then, it grants cybercriminals access to the user’s private data by connecting to a command and control server.

Google has eliminated three infected apps from its marketplace – Soniac, Hulk Messenger and Troy Chat – but other applications that may contain the spyware are still available in third-party stores. Up to 5,000 Android users had downloaded Soniac at the time of its removal.

Applications infiltrated with malware are becoming problematic for Android app developers and consumers. As of last spring, an estimated 1.3 to 1.4 billion people owned Android phones, which are somewhat easier to infiltrate than iOS-based devices.

The Google-developed operating system is “more open and adaptable,” which makes it easier to infiltrate than Apple’s operating system.

To avoid SonicSpy, Android smartphone owners should refrain from downloading and installing apps from unknown sources. Reading user reviews is also helpful – apps that show suspicious behavior will…

Read more from the source…

Back to Top