Android smartphone users are attacked by the PhoneSpy virus
A new spyware called PnoneSpy attacks through common Android applications. Several thousand users have already fallen victim to it. At the same time, it disguises itself as useful helpers commonly available on Android devices. More information about this threat was provided by the PhoneArena portal.
It attacks via common Android applications
What is really insidious about PhoneSpy is its inconspicuousness. The insidiousness of this spyware lies mainly in the fact that it attacks through common Android applications. These are applications that teach users to practice yoga, stream TV programs and videos, or allow them to view photos on their phone.
These applications actually steal user data. This is a variety of content from photos to corporate communications or sensitive user data. This spyware has a really large amount of sensitive company data available in this way.
Once the infected software is installed on the device, it can be used to take control of the entire device. It is not a problem for an attacker to create photos or various audio and video recordings. The software also handles the exact location of the device via GPS or browsing the content created by the phone. Because PhoneSpy was not found in any of the official app stores, attackers are likely to divert web traffic or use social engineering.
What can PhoneSpy do?
According to the information available, PhoneSpy spyware can do a variety of things with an infected phone. For example, the following list:
- See a complete list of installed applications;
- He steals permits through phishing;
- Steals pictures stored on your phone;
- Monitors GPS position;
- Steals SMS messages;
- Stealing telephone contacts;
- Records real-time video using front and rear cameras;
- Makes the camera available along with photos;
- Filters device information (e.g. IMEI, brand, device name, Android version, etc.);
- He is actively hiding his presence on the phone.
It uses phishing to retrieve large amounts of data
When PhoneSpy is installed on your phone, a phishing page opens that mimics the login pages of a popular South Korean messaging application. Her goal is to steal the permit. Like any application, this application requires permission to access certain features of the phone.
It is not yet clear whether there is a link between the victims of PhoneSpy. The fact remains that this software can send messages on behalf of the owner after an attack. So there is a real chance that attackers are targeting phishing links.
The good news is that the zLabs mobile threat research team has found that 23 Android applications are currently in use in the PhoneSpy campaign. So far, all indications are that the campaign is aimed primarily at South Korean users.
One of the best early warning signs is the comments section of any app store. Here you will find red flags about adware and other applications that could entrust control of your phone to strangers. We can never know when similar software will attack Slovak users. It has happened in the past and it is happening today. Be especially careful when downloading new applications.
Our tip
4ka Android Code: These are the best applications for transportation and travel in 2021