Security News > 2023 > January > SpyNote Android malware infections surge after source code leak

SpyNote Android malware infections surge after source code leak
2023-01-05 15:17

The Android malware family tracked as SpyNote has had a sudden increase in detections in the final quarter of 2022, which is attributed to a source code leak of one of its latest, known as 'CypherRat.

Threat actors quickly snatched the malware's source code and launched their own campaigns.

All SpyNote variants in circulation rely on requesting access to Android's Accessibility Service to be allowed to install new apps, intercept SMS messages, snoop on calls, and record video and audio on the device.

To hide its malicious code from scrutiny, the latest versions of SpyNote employ string obfuscation and use commercial packers to wrap the APKs.

Threat actors currently use CypherRat as a banking trojan, but the malware could also be used as spyware in low-volume targeted espionage operations.

ThreatFabric believes that SpyNote will continue to constitute a risk for Android users and estimates that various forks of the malware will appear as we head deeper into 2023.


News URL

https://www.bleepingcomputer.com/news/security/spynote-android-malware-infections-surge-after-source-code-leak/