Android Apps With Spy Software

Uploaded on 2017-08-29 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Cybersecurity researchers have warned against using certain phone messenger applications because they have the capability to steal data from the devices they infect.

The researchers from SophosLabs  have identified three cases of “‘sonic-spy” infused apps in Google Play, the official app store for Android devices.

According to Bill Brenner from Sophos, sonic-spy infused apps have the ability to record audio, take photos with the device’s camera, make calls, send text messages, and retrieve data from contacts and call logs.

Identified Apps

Mr Brenner identified the apps that can hide their spying functionality as Soniac, Hulk Messenger, and Troy Chat. It is understood that Google removed the apps from its store after they were discovered.

“Google gets criticism when these things are found on Google Play but when they are found they generally take them down. They try to screen as much of this stuff as possible, but it’s difficult,” Mr Brenner told The Irish Times.

Asked how consumers come across this sort of app in the first place, Mr Brenner said: “When a person is downloading an app that turns out to be malicious, almost never are they aware that it’s malicious.

Maybe they find an app that looks like a WhatsApp type of programme and they decide that they want it, or they find an app that looks like a good delivery conduit for music . . . and its typically unbeknownst to the user that there’s code baked into some of these apps that allow the bad guys to go through their contacts, get access to their camera, go through their text messages and ultimately getting into banking apps.”

Sonic-Spy Apps

Added to the three apps identified on Google’s platform, SophosLabs counted 3,240 sonic-spy apps in total, while some reports put the number as high as 4,000.

“The average Android user isn’t going to know what techniques the malware used to reach their device’s doorstep, but they can do much to keep it from getting in,” Mr Brenner said.

He advised users to stick to Google Play, avoid apps with a poor reputation, and ensure the software on your phone is as up-to-date as possible.

Asked whether users of Apple’s IOS system could be affected by similar apps, Mr Brenner said that while there is malware designed to affect Apple users, it’s a lot harder to get apps into its app store than it is with Google.

Irish Times:

You Might Also Read: 

Intelligence Agency Backs Start-Up Spy Apps:

Apple Removes Spy Apps:

« Very Few UK Girls Took Computing A-level
Cyber Criminals Have Access To Weapons Grade Hacking Tools »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Echelon

Echelon

Echelon Company is a provider of information security services specializing in certification of security software and hardware products in Russia.

Qualitest Group

Qualitest Group

Qualitest is the world’s largest pure play Quality Assurance and software testing company.

Secure Source

Secure Source

Secure Source specialise in search and recruitment for Cyber Security and Security Cleared markets.

SISSDEN

SISSDEN

SISSDEN will improve cybersecurity through the development of increased awareness and the effective sharing of actionable threat information.

IBA Security

IBA Security

IBA Security is a center of competence consolidating the cybersecurity expertise of the IBA Group.

Procsima Group

Procsima Group

Procsima Group was created to help you achieve good IT management and security excellence.

SMESEC

SMESEC

SMESEC is a lightweight Cybersecurity framework for protecting small and medium-sized enterprises (SME) against Cyber threats.

OneTrust

OneTrust

OneTrust is the largest and most widely used technology platform to operationalize privacy, security and third-party risk management.

Earlybird Venture Capital

Earlybird Venture Capital

Earlybird is a venture capital investor focused on European technology innovators.

US Army Cyber Command (ARCYBER)

US Army Cyber Command (ARCYBER)

US Army’s Cyber Command (ARCYBER) is engaged in the real-world cyberspace fight today, against near-peer adversaries, ISIS, and other global cyber threats.

N-able

N-able

N-Able deliver simple and sophisticated monitoring, security, and business solutions that empower you to solve your toughest IT challenges.

SecurityGen

SecurityGen

SecurityGen is a global cybersecurity start-up focused on telecom security, with a focus on 5G networks.

Imprivata

Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges.

Marlink

Marlink

Marlink smartly integrates hybrid, future-ready network solutions so you can benefit from the best available connectivity and IT to accelerate your digitalisation and empower your remote operations.

Blackwell Security

Blackwell Security

Blackwell is a driving force in healthcare cybersecurity, transforming how security operations are conducted within this critical sector.

Nexio

Nexio

We are Nexio. We help organisations take every NEXT step toward their accelerated digital transformation.