Security News > 2021 > October > Android spyware apps target Israel in three-year-long campaign
A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day.
The spyware-laden apps were discovered by researchers at Qihoo 360 who found various apps disguised as social applications, Threema, Al-Aqsa Radio, Al-Aqsa Mosque, Jerusalem Guide, PDF viewer, Wire, and other applications.
The researchers believe the initial vector for these apps is a Facebook post or WhatsApp message that points victims to a website that hosts the APK and offers it for download. In some cases, the messages contain a Google Drive link to a supposedly important classified PDF document.
The target is then urged to download an APK that pretends to be the mobile version of Adobe Reader, but which is actually spyware.
In October 2020, they were uncovered for using Android spyware disguised as Threema and Telegram against devices in Israel.
A few months earlier, they baited Israeli soldiers through custom spyware apps made to appear as legit dating apps.