Android users beware of the new PhoneSpy malware, which some security experts have already warned that could steal sensitive info from its victims. Also, in some cases, the spyware could uninstall security apps on a smartphone.
Android Users and Malware
It is worth noting that apps paired with malware have been storming Android users. Some of these malicious apps go the extra mile, making it to the official marketplace of Google, the Play Store.
Meanwhile, in some instances, the malware could pretend to be a security update just to trick Android users into letting it steal their sensitive information, such as login credentials and financial data.
Android's PhoneSpy Malware
This time around, the security firm that goes by the name Zimperium zLabs warned Android mobile users that about 23 malicious apps are now carrying the latest spyware on the mobile OS of Google.
However, zLabs further noted that the PhoneSpy malware was not found in any Google Play Store apps. So, it turns out that it only exists on third-party apps, which could be sideloaded on Android.
As per the news story of ZDNet, the new spyware in town is found on various types of seemingly harmless Android apps, including messaging apps, photo collection app, streaming apps, and even fitness apps like yoga instruction.
zLabs also found out that the malware is being rolled out via a phishing scam on numerous social media platforms and websites.
In some cases, a replica of a popular Korean messaging app, Kakao Talk, could install the PhoneSpy malware to the Android devices of its users.
PhoneSpy Malware: How Dangerous Is It?
The security firm went on to warn Android users that the said malware could further access and steal sensitive data, including audio recordings, videos, images, as well as their GPS location.
Not to mention that the spyware could also read their messages, contact list, and call log. What's more, the criminal minds could also send messages on behalf of the victim.
zLabs added that the ability of the threat actors to access the contact list of its victims, along with its powers to send text messages, could suggest that the cyberattacks are further targeting the circle of their victims.
On top of that, the spyware could also uninstall any security apps on the device of the victim, purging all means of protection.
PhoneSpy: How to Avoid
As mentioned earlier, zLabs has yet to see the PhoneSpy malware on Play Store apps. As such, victims could only install the said spyware on their Android devices by sideloading innocent-looking malicious apps.
That said, the best way to avoid PhoneSpy is to avoid installing apps coming from third-party platforms.
Although the Google Play Store is also home to some forms of malware, the PhoneSpy seems to be only available in sideloaded apps.
This article is owned by Tech Times
Written by Teejay Boris