Security News > 2021 > February > Pro-India hackers use Android spyware to spy on Pakistani military
The malware strains named Hornbill and SunBird have been delivered as fake Android apps by the Confucius advanced persistent threat group, a pro-India state-sponsored operation known to spy on Pakistani and South Asian targets, since at least 2013.
A report from California-based cybersecurity firm Lookout has revealed counterfeit Android apps laden with malware that was used by pro-India actors to spy on Pakistan's military and nuclear authorities, in addition to Kashmir's election officials.
Counterfeit Android apps published by the group include "Google Security Framework," and apps with a regional significance such as, "Kashmir News", "Falconry Connect", "Mania Soccer" and "Quran Majeed" as a part of this espionage operation.
BleepingComputer was able to obtain and analyze a copy of one such SunBird Android app called Falconry Connect.
The researchers stress that none of these apps were distributed via Google Play or any authorized app store.
Mobile users are advised to download apps only from the official app stores and avoid risky websites providing bootleg Android APKs and iOS APPs.