A malware that spies on Android devices has been discovered in 23 apps. Named PhoneSpy, this Android malware has been active in the US and Korean markets. One relief is that none of the infected applications were present on Google Play Store.
“Unlike other spyware campaigns we have covered that take advantage of vulnerabilities on the device, PhoneSpy hides in plain sight, disguising itself as a regular application with purposes ranging from learning Yoga to watching TV and videos, or browsing photos,” says Zimperium, the mobile security agency that reported the malware.
PhoneSpy is able to steal crucial data including images, call logs, contact and messages, get the complete list of installed apps, record audio and video in real time using cameras and microphone on the phone, extract device information like IMEI number, device name and brand, and can even grant remote access to the device.
“The application is capable of uninstalling any user-installed applications, including mobile security apps. The device’s precise location is available in real-time to the malicious actors, all without the victim knowing. The spyware also enables the threat actor to use phishing pages for harvesting credentials of Facebook, Instagram, Google, and Kakao Talk,” the agency said in a statement.
To stay protected from such malwares, users must never download applications on their phones from untrusted sources. Also, never click on links, or download attachments sent with suspicious emails and messages.