Android smartphone users are attacked by the PhoneSpy virus

A new spyware called PnoneSpy attacks through common Android applications. Several thousand users have already fallen victim to it. At the same time, it disguises itself as useful helpers commonly available on Android devices. The portal provided us with more information about this threat PhoneArena.

It attacks via common Android applications

What is really insidious about PhoneSpy is its inconspicuousness. The insidiousness of this spyware lies mainly in the fact that it attacks through common Android applications. These are applications that teach users to practice yoga, stream TV programs and videos, or allow them to view photos on their phone.

These applications actually steal user data. This is a variety of content from photos to corporate communications or sensitive user data. This spyware has a really large amount of sensitive company data available in this way.

PhoneSpy’s New Spyware Threatens Android Devices in South Korea I Source: phonearena.com

Once the infected software is installed on the device, it can be used to take control of the entire device. It is not a problem for an attacker to create photos or various audio and video recordings. The software also handles the exact location of the device via GPS or browsing the content created by the phone. Because PhoneSpy was not found in any of the official app stores, it is likely that attackers are redirecting web traffic or using social engineering.

What can PhoneSpy do?

According to the information available, PhoneSpy spyware can do a variety of things with an infected phone. For example, the following list:

  • See a complete list of installed applications;
  • He steals permits through phishing;
  • Steals pictures stored on your phone;
  • Monitors GPS position;
  • Steals SMS messages;
  • Stealing telephone contacts;
  • Records real-time video using front and rear cameras;
  • Makes the camera available along with photos;
  • Filters device information (e.g. IMEI, brand, device name, Android version, etc.);
  • He is actively hiding his presence on the phone.

It uses phishing to retrieve large amounts of data

When PhoneSpy is installed on your phone, a phishing page opens that mimics the login pages of a popular South Korean messaging application. Her goal is to steal the permit. Like any application, this application requires permission to access certain features of the phone.

android malver
PhoneSpy attacks through common applications I Source: Tech786.com

It is not yet clear whether there is a link between the victims of PhoneSpy. The fact remains that this software can send messages on behalf of the owner after the attack. So there is a real chance that attackers are targeting phishing links.

The good news is that the zLabs mobile threat research team has found that 23 Android applications are currently in use in the PhoneSpy campaign. So far, all indications are that the campaign is aimed primarily at South Korean users.

One of the best early warning signs is the comments section of any app store. Here you will find red flags about adware and other applications that could entrust control of your phone to strangers. We can never know when similar software will attack Slovak users. It has happened in the past and it is happening today. Be especially careful when downloading new applications.


Source: MojAndroid.sk by www.mojandroid.sk.

*The article has been translated based on the content of MojAndroid.sk by www.mojandroid.sk. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!