recommended reading

Threatwatch

Google Boots Apps with Spyware from Store

Credential-stealing malware

Researchers at the security firm Lookout discovered at least three messaging apps on the Google Play Market carrying spyware that can hijack people’s phones, completely undetected.

One of the apps, Soniac, contained malware that could record audio, make calls, send text messages and collect sensitive data like contacts, call logs and Wi-Fi access, according to ArsTechnica. Thousands of Android users downloaded the app before Google removed it from its store. Two other apps containing spyware—Hulk Messenger and Troy Chat—were also taken down from the site.

Lookout determined the three apps all come from a family of malware the organization dubbed SonicSpy. Researchers found more than 4,000 SonicSpy apps that have been available to Android users across a variety of channels.

“What’s commonly seen in all SonicSpy samples is that once they compromise a device they beacon to command and control servers and await for instructions from the operator who can issue one of seventy-three supported commands,” researcher Michael Flossman told ArsTechnica in an email. “The way this has been implemented is distinct across the entire SonicSpy family.”

sector

Web Services

reported

August 12, 2017

reported by

ArsTechnica

number affected

Unknown

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

Unknown