Are you using Android? Be warned, a recently discovered PhoneSpy malware has infected over 1,000 Android devices. This spyware performs all types of surveillance activities, like harvesting account passwords, downloading device files, and even recording phone audio and video in real-time!
On Wednesday, the security firm Zimperium posted about the spyware called "PhoneSpy." It was found infecting thousands of South Korean Android users. Any infected device gives the attacker full access to the smartphone's data, communications and services.
When in control, attackers could remotely open the smartphone camera to take photos, record video and audio. They could also active GPS to pinpoint user precise location, view multimedia files on the device and more. The whole process is covert, and spying is done on the victim without raising their awareness.
Android PhoneSpy Malware: Complete List of Functions
According to Zimperium, PhoneSpy functions like an advanced Remote Access Trojan (RAT). This malware performs a wide range of malicious actions like stealing information such as:
- Complete list of installed applications
- User credentials and personal information
- Multimedia content (images, videos, and recordings)
- SMS logs
- Call logs
- Phone contacts
- Device information (IMEI, brand, device name, Android version)
As previously mentioned, attackers could also activate the smartphone functions like:
- Record GPS location
- Record audio real-time
- Record video real-time (both front and rear cameras)
- Send SMS
- Conceal its presence by hiding the icon from the device drawer.
Zimperium researcher Aazim Yaswant emphasized that "These malicious Android apps are designed to run silently in the background, constantly spying on their victims without raising any suspicion. We believe the malicious actors responsible for PhoneSpy have gathered significant amounts of personal and corporate information on their victims, including private communications and photos."
Read also: New Google App Aids People with Speech Impairment: How to Join Project Relate Beta Test to Help
PhoneSpy Spyware Apps
Unlike the usual spyware, which takes advantage of device vulnerabilities, PhoneSpy hides in plain sight. PhoneSpy disguises itself as a legitimate application for learning yoga, watching TV, watching videos, and browsing photos. Up to date, Zimperium discovered 23 applications containing PhoneSpy.
Fortunately, Zimperium said they found no evidence of PhoneSpy in Google Play Store and other third-party app marketplaces. Researchers concluded that PhoneSpy got distributed through web traffic redirection or social engineering.
How to Stay Safe From PhoneSpy
Zimperium researchers are still investigating whether the victims had any connections with one other. They are trying to determine if PhoneSpy was downloaded through SMS messages and phishing links.
Although PhoneSpy victims were only found in South Korea, Android users are recommended to be careful of this dangerous spyware. Android users can stay safe by following these suggestions:
- Do not download apps from the internet. Android users should only download from certified sources like Google Play Store because these sites have active security monitoring features.
- Do not click links from suspicious sources. Researchers suspect phishing tactics might deliver PhoneSpy, so Android users should avoid clicking on links sent by an unknown SMS or email address.
Related Article: Afraid Your Samsung, iPhone Have Virus? 7 Warning Signs Your Phone Is Infected With Virus