A malicious software called SonicSpy, that is believed to have originated from Iraq has reportedly infected over 1,000 apps in the Google Play Store.
SonicSpy is disguised as a communications app called ‘Soniac’ that was launched in February this year and mimics the services of existing apps such as Viber and Telegram.
When a user downloads the app through the Google Play Store, it allows hackers to access phone logs, send text messages, make outgoing calls and record them, gain access to Wi-Fi data access points and make use of the built-in camera of the mobile device.
The malicious software was discovered by mobile firm Lookout that has since the discovery been focused on eliminating it.
The firm has warned that if mobile users aren't careful, they could potentially provide sensitive information such as credit card numbers, access codes or ever sensitive photos to those behind the creation of the spyware.
LookOut’s cyber security researchers have said that during its analysis it has found that "Soniac" has considerable similarities to SpyNote, which is another form of malware that emerged in 2016.
The mobile firm has further claimed that it has a strong inkling that the creators of both "SpyNote" and "Soniac" are the same. It has cited the use of dynamic DNS functions and the 2222 port as evidence for its claim.
The firm revealed that the account that spawned "Soniac" is named "iraqiwebservice" and have warned people to be vigilant when downloading new applications with these types of names.
Researchers have suggested that these types of apps will continue to appear online as those behind the creation of these malicious apps has not yet been caught.
SonicSpy includes support for about 73 different remote instructions.
The fear of being infected grows higher as the creators of the malware only get better at creating privacy-breaching applications that can potentially wreak cyber havoc.
No comments:
Post a Comment