‘SonicSpy’ malware apps infiltrate Google Play Store to record calls, steal logs

android-malware-stock-image

Iraqi developer is said to have created over a thousand SonicSpy apps, of which around three managed to get past Google Play Store’s securities.

Security researchers have found a family of malicious apps, which are able to remotely control Android smartphones. These apps are referred to as ‘SonicSpy’, and what is particularly disturbing is that some of these apps have managed to find their way into the Google Play Store.

According to researchers at security firm Lookout, over a 1,000 of these apps have been created by a perpetrator based out of Iraq. These apps have been deployed since February 2017, and at least three – Soniac, Hulk Messenger, Troy Chat – managed to bypass security and were listed on the Play Store. At the time of filing this story, these three apps have been taken down by Google.

Soniac, for one, was a customized messenger. It’s built by inserting spy functions into the public source code of Telegram messaging app. While Soniac did work like a standard messaging app, behind the scenes, the app had the ability to record audio, make and receive calls, retrieve logs, contacts, send SMS, and more. ALSO READ: Hacker who helped stop WannaCry arrested for allegedly selling banking malware

In an email to ArsTechnica, Lookout researcher Michael Flossman said, “What’s commonly seen in all SonicSpy samples is that once they compromise a device they beacon to command and control servers and await for instructions from the operator who can issue one of seventy three supported commands. The way this has been implemented is distinct across the entire SonicSpy family.”

The Lookout researchers further say that there are quite a few similarities between SonicSpy, and another malicious family of apps called SpyNote that was discovered last year.

The discovery of SonicSpy yet again shows what a big task Google has on its hands, when it comes to battling malware apps. Recently, the company revealed how it was using Artificial Intelligence to weed out malicious apps from the Play Store. Despite all the measures, some apps manage to creep into the Play Store, and it is yet another reminder for Android users to be careful about what third-party apps they install on their smartphones. ALSO READ: Before WannaCry and Judy, these 5 malware attacks wreaked havoc globally

from http://ift.tt/2w4ufxk

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s