Security researchers have discovered a new malware app that mimics webpages designed to look like those of telecom operators and tricks users into installing the APK, thereby compromising device privacy. Called Skygofree, the app is also capable of tracking the device location along with recording audio in certain places. Also Read - Microsoft Surface Duo to receive three years of Android OS and security updatesAlso Read - Android phones can now detect and warn of earthquakes anywhere, except for China
Kaspersky Lab discovered that Skygofree spreads from malicious webpages which promise faster network access. Once it lands on a user’s device, it possesses features which allows it to plug into apps including WhatsApp and Skype to snoop on conversations. Also Read - Xiaomi Mi 10 Ultra launched with 120x zoom, Snapdragon 865 and 120W fast charging
It allows hackers to access a lot of exfiltrated data, like call records, text messages, geolocation, surrounding audio, calendar events, and other memory information stored on the device. Hackers could potentially take complete remote control of the device as well.
The app was reportedly first spotted in 2014. However, in its current version, it has taken the form of an espionage tool than just a regular malware, Android Authority reports. It is believed to be sold by an Italian security outfit.
To prevent the malicious app taking over your device, avoid installing unauthorized APKs. In a case, you do end up installing it, it is still unlikely to infect the device immediately as it needs root on the device to spread its activity. The creators of the app have developed five known exploits to trespass your devices’ security.
The report says that Android has been patched to block these exploits for years and till the time the target phone is running an even semi-recent build of Android, Skygofree is unlikely to infect the device.