Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Detect more than 1,000 spy applications on Android App Stores
Someone tried to upload a third-party app store and Google Play Store thousands of tainted apps, which can monitor almost every user activity on a mobile phone by recording calls silently, create an external call without the user having to do anything.
Called SonicSpy, spyware (spyware) has spread throughout Android app stores since at least February by pretending to be a messaging app - although it does indeed offer messaging services.
SonicSpy can perform many poisoning tricks
At the same time, SonicSpy spy applications can perform many tasks, including silently recording calls and sounds from the microphone, device hijack and snap photos, making external calls (outbound) without requires user permission, sends a message to the number that the attacker chooses.
In addition, SonicSpy also steals user information such as call history, contacts, information about Wi-Fi hotspots that the device connects to, which can easily track the location of the person. use.
This Spyware was discovered by security researchers at mobile security company Lookout. They also found three versions of messaging applications affected by SonicSpy on the official Google Play Store store and have been downloaded thousands of times.
The application is available on the official Play Store but is still poisoned
Although suspicious applications - Soniac, Hulk Messenger and Troy Chat - have been removed from the Store, they are still widely available on third-party stores and other SonicSpy infected applications.
Iraq's connection to SonicSpy spyware
The researchers believe that the malware is related to developers in Iraq and that in total, the SonicSpy malware family supports up to 73 remote instructions for an attacker to execute on an infected Android phone.
Iraq's connection to spyware stems from the similarity between SonicSpy and SpyNote, another Android malware discovered in July 2016 that is a Netflix application and supposedly written by Iraqi hackers.
'There are many signs that the hands behind both are the same director. For example, both have the same code, often using dynamic DNS translation, running port 2222 is not standard, 'said Michael Flossman from Lookout.
Importantly, the name of the developer account behind Soniac on Google Play Store is also iraqiwebservice.
How does SonicSpy Spyware work?
One of SonicSpy's messaging apps on Google Play Store is Soniac. When installed, it will remove the launcher icon from the phone list to hide and connect to the C&C server to try to install the edited version of the Telegram application.
However, the application is really malicious when it allows an attacker to completely control the device, turn it into a spy tool, silently record calls, make calls, images, retrieve data personal.
Before being deleted by Google, it was downloaded between 1,000 and 1,500 times, but since it is one of 1,000 variants, the malware can affect more. SonicSpy can return to Play Store
Although SonicSpy-infected applications have been removed from the Play Store, researchers warn that it may return to a developer account and other application interfaces.
'The malware family behind it shows that they can put spyware in the official app store and be actively developed, the build process is automated, maybe SonicSpy can come back in the future.'
Although Google has introduced many security measures to prevent malicious applications, they still find ways to insert into Play Store.
How to protect yourself from malware
The easiest way is to keep an eye on suspicious applications, even when downloading from Google Play Store and trusting only big names. Also, always read the user review that downloaded the application and verify the application before installing, only empowering related to the purpose of the application.
Do not download applications from third party sources because even though distributed through the official Play Store, most victims are infected with malware through untrusted applications. Finally, don't forget to use anti-virus software to detect and block malware and regularly update devices and applications.
Samuel DanielYou should read it
- What is Clipper Malware? How does it affect Android users?
- New malware detection has terrible spy capabilities never seen on Android
- Google discovered new Spyware on Android called Tizi
- It took three years for Google to discover this dangerous Spyware on Android
- Detect new Android malware fake system update to track and steal user information
- Detecting Android malware can easily steal OTP code without the victim knowing
- Sneaking malware on the Internet
- How to detect and remove malware Agent Smith on Android
May be interested
- Android SDK - Download Latest Android SDK
android sdk is a free and specialized programming language that allows you to create android applications. - No anti-virus software can detect this extremely dangerous new Ransomware on Androida new type of ransomware on android has just been discovered by a researcher on a blog called zscaler. the point that makes this type of ransomware so frightening is that no anti-virus software can detect it.
- FBI agent shared 8 ways to detect liarsgreat way to detect extremely liar.
- Science reveals 5 simple ways of detecting lieswith 5 ways to be scientifically proven below, you can rely on expressions of words and expressions to detect a person who is lying. especially the last way can detect liars to 99% accurate.
- Chrome is using Gemini Nano AI to detect phishingai is changing the way chrome browsers, android devices, and google search detect and prevent fraudulent activity in real time.
- 5 unique apps that Android TV users should install todayas android tv continues its never-ending attack on every family's living room, users are increasingly looking for applications not available on the smartphone version of the operating system, or at least applications. more useful applications on the big screen.
- How to set a password to download applications on Androidto limit unwanted application downloads on android, you should set a password to download applications on android.
- The best Raw photography app for Androidin raw format, image quality will be improved. you can also modify the parameters of the image. when an android device stores raw images, it will store an additional copy of the image. here are the best raw photography apps for android.
- How to detect clicks outside a React component using a custom hookmost web applications react to click events in different ways, and detecting exactly where the click is is important for the ui to function properly.
- How to set default applications on Androidsetting default applications on android is a simple way to help you choose default applications that will always run in every task on samsung, lg, asus, lenovo phones. follow the instructions in this tipsmake article to do it, okay?
Tech info
- 7 signs that your design style is out of date
- Why is Firefox faster, uses less memory and still can't win Chrome?
- How do hackers turn thousands of bitcoin virtual currencies after stealing into cash?
- ShieldFS can stop and reverse the effects of extortion code
- Hacker attacks Chrome utility to install malware
- HBO hacked, leaked episodes with the Game of Thrones script
7 signs that your design style is out of date
Why is Firefox faster, uses less memory and still can't win Chrome?
How do hackers turn thousands of bitcoin virtual currencies after stealing into cash?
ShieldFS can stop and reverse the effects of extortion code
Hacker attacks Chrome utility to install malware
HBO hacked, leaked episodes with the Game of Thrones script