Android Apps With Spy Software

Cybersecurity researchers have warned against using certain phone messenger applications because they have the capability to steal data from the devices they infect.

The researchers from SophosLabs  have identified three cases of “‘sonic-spy” infused apps in Google Play, the official app store for Android devices.

According to Bill Brenner from Sophos, sonic-spy infused apps have the ability to record audio, take photos with the device’s camera, make calls, send text messages, and retrieve data from contacts and call logs.

Identified Apps

Mr Brenner identified the apps that can hide their spying functionality as Soniac, Hulk Messenger, and Troy Chat. It is understood that Google removed the apps from its store after they were discovered.

“Google gets criticism when these things are found on Google Play but when they are found they generally take them down. They try to screen as much of this stuff as possible, but it’s difficult,” Mr Brenner told The Irish Times.

Asked how consumers come across this sort of app in the first place, Mr Brenner said: “When a person is downloading an app that turns out to be malicious, almost never are they aware that it’s malicious.

Maybe they find an app that looks like a WhatsApp type of programme and they decide that they want it, or they find an app that looks like a good delivery conduit for music . . . and its typically unbeknownst to the user that there’s code baked into some of these apps that allow the bad guys to go through their contacts, get access to their camera, go through their text messages and ultimately getting into banking apps.”

Sonic-Spy Apps

Added to the three apps identified on Google’s platform, SophosLabs counted 3,240 sonic-spy apps in total, while some reports put the number as high as 4,000.

“The average Android user isn’t going to know what techniques the malware used to reach their device’s doorstep, but they can do much to keep it from getting in,” Mr Brenner said.

He advised users to stick to Google Play, avoid apps with a poor reputation, and ensure the software on your phone is as up-to-date as possible.

Asked whether users of Apple’s IOS system could be affected by similar apps, Mr Brenner said that while there is malware designed to affect Apple users, it’s a lot harder to get apps into its app store than it is with Google.

Irish Times:

You Might Also Read: 

Intelligence Agency Backs Start-Up Spy Apps:

Apple Removes Spy Apps:

« Very Few UK Girls Took Computing A-level
Cyber Criminals Have Access To Weapons Grade Hacking Tools »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Business Intelligence Associates (BIA)

Business Intelligence Associates (BIA)

BIA's TotalDiscovery is a defensible and cost-effective corporate preservation and legal compliance software solution.

StoneFly

StoneFly

StoneFly offers High Availability, high performance cluster and scale out storage, and backup and disaster recovery appliances.

FAMOC

FAMOC

FAMOC is an enterprise mobile management solution that delivers comprehensive security and management for applications, documents, email, and mobile devices.

ECOS Technology

ECOS Technology

ECOS Technology specializes in the development and sale of IT solutions for high-security remote access as well as the management of certificates and smart cards.

PrivateVPN

PrivateVPN

PrivateVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

MENAInfoSecurity

MENAInfoSecurity

MENAInfoSecurity is a regional leader in information security solutions, assurance services and managed services.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

Appgate

Appgate

Appgate is the secure access company. We empower how people work and connect by providing solutions purpose-built on Zero Trust security principles.

Trava Security

Trava Security

Trava simplifies cyber risk management for business owners and IT professionals. Automated assessments, mitigation advising, and data-driven cyber insurance.

Proximity

Proximity

Proximity is a leading professional services organisation providing consulting, legal and commercial advisory solutions with a focus on government and regulated industries.

Panther Labs

Panther Labs

Panther’s mission is to make security monitoring fast, flexible and scalable for all security teams.

Trisul Network Analytics

Trisul Network Analytics

Trisul helps organizations deploy full spectrum deep network monitoring which can serve as a single source of truth for performance monitoring, security analytics, threat detection and compliance.

Alpha Mountain AI (alphaMountain)

Alpha Mountain AI (alphaMountain)

alphaMountain provides up-to-date domain and IP intelligence for cybersecurity investigational and protection platforms.

Abacus Group

Abacus Group

Abacus Group is a global IT services firm for alternative investment firms, providing an enterprise technology platform specifically designed to meet the unique needs of financial services.

EGUARDIAN

EGUARDIAN

EGUARDIAN serves as a Value-Added Distributor and technology enabler in the APAC region with the aim of further expanding globally and cater to the needs of the demands with the emerging technology.

Screwloose IT

Screwloose IT

Screwloose IT are a national provider of information technology services. We specialise in managed IT, cloud services, cyber security, website design and digital marketing for businesses of all sizes.