Security News > 2020 > October > Beware: New Android Spyware Found Posing as Telegram and Threema Apps
A hacking group known for its attacks in the Middle East, at least since 2017, has recently been found impersonating legitimate messaging apps such as Telegram and Threema to infect Android devices with a new, previously undocumented malware.
"Compared to the versions documented in 2017, Android/SpyC23.A has extended spying functionality, including reading notifications from messaging apps, call recording and screen recording, and new stealth features, such as dismissing notifications from built-in Android security apps," cybersecurity firm ESET said in a Wednesday analysis.
The latest version of the spyware detailed by ESET expands on these features, including the ability to collect information from social media and messaging apps via screen recording and screenshots, and even capture incoming and outgoing calls in WhatsApp and read the text of notifications from social media apps, including WhatsApp, Viber, Facebook, Skype, and Messenger.
The infection begins when a victim visits a fake Android app store called "DigitalApps," and downloads apps such as Telegram, Threema, and weMessage, suggesting that the group's motivation behind impersonating messaging apps is to "Justify the various permissions requested by the malware."
Apps downloaded from fraudulent third-party app stores has been a conduit for Android malware in recent years.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/DY7a-k-Hk4k/android-mobile-hacking.html
Related news
- New Android spyware found on phone seized by Russian FSB (source)
- New EagleMsgSpy Android spyware used by Chinese police, researchers say (source)
- Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States (source)
- Russian cyberspies target Android users with new spyware (source)
- Russian cyberspies target Android users with new spyware (source)
- New Android NoviSpy spyware linked to Qualcomm zero-day bugs (source)