Security researchers at Kaspersky Lab have identified a new sophisticated espionage software for Android, which can gain complete control of users’ phones and steal information.
The software dubbed as ‘Skygofree’ is “one of the most powerful spyware tools” ever seen for Android that “display capabilities more reminiscent of Hollywood spy movies,” says Kaspersky.
This Android software can trace user’s location, record audio conversations, intercept SMS, calendar entries, monitor popular apps such as Facebook Messenger, Skype, Viber, and WhatsApp, and even read WhatsApp messages through Accessibility Services. It can also connect a device to a Wi-Fi network controlled by hackers, even when the user has disabled Wi-Fi connections or take photos every time the user unlocks his device. The software can also operate in standby mode.
“In practice, this means that attackers can start listening in on victims when, say, they enter the office or visit the CEO’s home,” said Kaspersky Lab. “This lets the victim’s traffic be collected and analysed.”
Although the spyware was identified by Kaspersky’s researchers at the end of 2017, but its existence dates back to 2014. Apparently, Skygofree has already infected several Italian Android users and the software has evolved considerably during the three year period.
“The malware is distributed through fake mobile operator websites, where Skygofree is disguised as an update to improve mobile Internet speed. If a user swallows the bait and downloads the Trojan, it displays a notification that setup is supposedly in progress, conceals itself from the user, and requests further instructions from the command server. Depending on the response, it can download a variety of payloads — the attackers have solutions for almost every occasion,” says Kaspersky.
In order to safeguard against the software, Kaspersky firstly recommends users to install apps only from official online stores (such as Play Store, App Store) and disable installation of apps from third-party sources. Secondly, pay attention to misspelled app names, small numbers of downloads, or dubious requests for permissions. Lastly, install a reliable security solution that will protect your device from most suspicious websites, dangerous links, and malicious apps and files.