Security News > 2021 > November > PhoneSpy: Android spyware campaign targeting South Korean users
An ongoing spyware campaign dubbed 'PhoneSpy' targets South Korean users via a range of lifestyle apps that nest in the device and silently exfiltrate data.
The campaign deploys a powerful Android malware capable of stealing sensitive information from the users and taking over the device's microphone and camera.
The 'PhoneSpy' spyware comes disguised as a Yoga companion app, the Kakao Talk messaging app, an image gallery browser, a photo editing tool, and more.
Zimperium identified 23 laced apps that appear as harmless lifestyle apps, but in the background, the apps run all the time, silently spying on the user.
Apart from the spyware functionality, some apps also actively try to steal people's credentials by displaying fake login pages for various sites.
The initial distribution channel for the laced apps is unknown, and the threat actors did not upload the apps to the Google Play Store.