According to Zimperium zLabs, 23 malicious applications infected “thousands of victims”.
Android users should be concerned about new malware. It’s called PhoneSpy, and Zimperium says its lab’s research team has discovered 23 apps that are used to distribute it; So far, thousands of devices have been attacked.
“These malicious Android apps are designed to run in the background,” Zimperium explains, “and constantly spy on their victims without arousing suspicion. We believe the malicious actors responsible for PhoneSpy are storing significant amounts of personal and corporate information. about the victims they collected, including private messages and photos. ”
PhoneSpy has full control over infected devices. According to Zimperium, it can be used to steal call logs, text messages, photos, and other data; Record audio, record videos, and take photos; and among other things, send SMS or answer phone calls. It also hides the icon of the app that infected the device, making it difficult to identify victims.
“As with other mobile spyware we’ve seen, data stolen from these devices could be used for extortion and personal and commercial espionage,” Zimperium explains. “Malicious actors could take notes on the victim, upload stolen material, and collect information for other nefarious practices.”
According to Zimperium, the 23 malicious programs associated with spyware were not found in the Play Store or in “regional or third-party stores.” This leads the company to believe that “it is most likely spread by redirecting web traffic or social engineering.”
It is not known if PhoneSpy targets specific people, organizations, or industries. Zimperium notes that the stolen information could be used to blackmail victims or facilitate phishing attempts, but the company has not indicated that it has detected such tracking attacks, so the goal of the malware at this point is simply collect as much as possible. . . possible data.