Google Boots Apps with Spyware from Store

Web Services

Researchers at the security firm Lookout discovered at least three messaging apps on the Google Play Market carrying spyware that can hijack people’s phones, completely undetected.

One of the apps, Soniac, contained malware that could record audio, make calls, send text messages and collect sensitive data like contacts, call logs and Wi-Fi access, according to ArsTechnica. Thousands of Android users downloaded the app before Google removed it from its store. Two other apps containing spyware—Hulk Messenger and Troy Chat—were also taken down from the site.

Lookout determined the three apps all come from a family of malware the organization dubbed SonicSpy. Researchers found more than 4,000 SonicSpy apps that have been available to Android users across a variety of channels.

“What’s commonly seen in all SonicSpy samples is that once they compromise a device they beacon to command and control servers and await for instructions from the operator who can issue one of seventy-three supported commands,” researcher Michael Flossman told ArsTechnica in an email. “The way this has been implemented is distinct across the entire SonicSpy family.”