Android Apps With Spy Software

Cybersecurity researchers have warned against using certain phone messenger applications because they have the capability to steal data from the devices they infect.

The researchers from SophosLabs  have identified three cases of “‘sonic-spy” infused apps in Google Play, the official app store for Android devices.

According to Bill Brenner from Sophos, sonic-spy infused apps have the ability to record audio, take photos with the device’s camera, make calls, send text messages, and retrieve data from contacts and call logs.

Identified Apps

Mr Brenner identified the apps that can hide their spying functionality as Soniac, Hulk Messenger, and Troy Chat. It is understood that Google removed the apps from its store after they were discovered.

“Google gets criticism when these things are found on Google Play but when they are found they generally take them down. They try to screen as much of this stuff as possible, but it’s difficult,” Mr Brenner told The Irish Times.

Asked how consumers come across this sort of app in the first place, Mr Brenner said: “When a person is downloading an app that turns out to be malicious, almost never are they aware that it’s malicious.

Maybe they find an app that looks like a WhatsApp type of programme and they decide that they want it, or they find an app that looks like a good delivery conduit for music . . . and its typically unbeknownst to the user that there’s code baked into some of these apps that allow the bad guys to go through their contacts, get access to their camera, go through their text messages and ultimately getting into banking apps.”

Sonic-Spy Apps

Added to the three apps identified on Google’s platform, SophosLabs counted 3,240 sonic-spy apps in total, while some reports put the number as high as 4,000.

“The average Android user isn’t going to know what techniques the malware used to reach their device’s doorstep, but they can do much to keep it from getting in,” Mr Brenner said.

He advised users to stick to Google Play, avoid apps with a poor reputation, and ensure the software on your phone is as up-to-date as possible.

Asked whether users of Apple’s IOS system could be affected by similar apps, Mr Brenner said that while there is malware designed to affect Apple users, it’s a lot harder to get apps into its app store than it is with Google.

Irish Times:

You Might Also Read: 

Intelligence Agency Backs Start-Up Spy Apps:

Apple Removes Spy Apps:

« Very Few UK Girls Took Computing A-level
Cyber Criminals Have Access To Weapons Grade Hacking Tools »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Covenco

Covenco

Covenco is a data management and IT infrastructure specialist. Working with customers to transform their IT environments, with data protection and security at the forefront of everything we do.

Sparta Consulting

Sparta Consulting

Sparta Consulting is an information management and business development full service provider.

Arctic Wolf Networks

Arctic Wolf Networks

Arctic Wolf Networks delivers the industry-leading security operations center (SOC)-as-a-service that redefines the economics of cybersecurity.

White & Black

White & Black

White & Black are specialist corporate & technology lawyers based in London & Oxford.

Penten

Penten

Penten is an Australian-based cyber security company focused on innovation in secure mobility and applied AI (artificial intelligence).

Cynalytica

Cynalytica

Cynalytica deliver pioneering cybersecurity and machine analytics technologies that help protect critical infrastructure, securely enable Industry 4.0 and help accelerate digital transformation.

Psybersafe

Psybersafe

Psybersafe is a hands-on, behaviour-changing training system that keeps your people and your business cyber safe.

CypherEye

CypherEye

CypherEye is a next generation trust platform that advances the current state of Multi-factor Authentication (MFA) to enable highly secure, private and auditable cyber-transactions.

PeoplActive

PeoplActive

PeoplActive is an IT consulting and recruitment services organization with leading capabilities in digital, cloud and security.

Blink Ops

Blink Ops

Blink helps security teams streamline everyday workflows and protect your organization better.

Denodo

Denodo

Denodo transforms the way organizations operate by unifying their data assets in real time and making data ubiquitous and secure to all users and business applications.

Walacor

Walacor

Walacor’s secure data platform represents the next generation of secure data and blockchain storage with a trust-first approach that revolutionizes enterprise data, and database management systems.

Odaseva

Odaseva

Odaseva delivers the strongest data security solution for enterprises running on Salesforce, safeguarding confidentiality and integrity of critical business information.

Twilio

Twilio

Twilio are the customer layer for the internet, powering the most engaging interactions companies build for their customers. We provide simple tools that solve hard problems.

TELUS

TELUS

TELUS provide Canadian businesses with the services and solutions they need to securely thrive in a digital world. Partner with a cybersecurity leader you can rely on.

Strata Horizon

Strata Horizon

Strata Horizon is a leading cybersecurity solutions provider in the UAE, offering innovative and comprehensive services to safeguard your organization from evolving digital threats.