Advanced Android Malware Discovered
Kaspersky Lab researchers have uncovered one of the most advanced mobile implants ever seen.
The implant, named Skygofree includes functionality never seen in the wild before, such as location-based audio recording through infected devices. The spyware is spread through web pages mimicking leading mobile network operators.
Ones of its techniques, to silently infiltrate Android phones and siphon off WhatsApp messages, put it in the realms of one of the most advanced forms of malware targeting Google's operating system ever seen.
Kaspersky’s telemetry suggests that the spyware has been active since 2015, the version they analysed was re-written in 2017, and the infected individuals currently seem isolated to Italy.
The code and functionality, they say, have changed numerous times; from simple unobfuscated malware at the beginning to sophisticated multi-stage spyware that gives attackers full remote control of the infected device.
The implant provides the ability to grab large amounts of data, like call records, text messages, location, audio, calendar events, and other information stored on the device and could force a device to connect to Wi-Fi networks controlled by the malware creator(s).
'Skygofree' is so named because the word was used in one of the domains connected to the malware. The malware has no connection to Sky, Sky Go or any other subsidiary of Sky, and does not affect the Sky Go service or app.
More details released by Kaspersky available at https://securelist.com/skygofree-following-in-the-footsteps-of-hackingteam/83603/
Industrial Pixel provide programming services, technical support and hosting to businesses in all sectors. Contact us for more information.