Researchers locate Android spyware that can steal WhatsApp messages

By IANS | Published on 17 Jan 2018
Researchers locate Android spyware that can steal WhatsApp messages
HIGHLIGHTS

Kaspersky said that on the basis of the observed samples and the signatures, it found that the early versions of this Android malware were developed by the end of 2014 and the campaign has remained active ever since.

Advertisements

Access Open Source Technology

Innovate w/ IBM and Discover New Open Source Technology Today. Learn More.

Click here to know more

Researchers from Russian cyber security company Kaspersky Lab have found an Android spyware that has the ability to steal WhatsApp messages via Accessibility Services and connect an infected device to Wi-Fi networks controlled by cybercriminals.

Dubbed as "Skygofree", the malware is claimed to have been found on malicious websites in Italy and is most likely an offensive security product sold by an Italy-based IT company that markets various surveillance wares, Kaspersky wrote in its official blog Securelist late on Tuesday. 

Kaspersky said that on the basis of the observed samples and the signatures, it found that the early versions of this Android malware were developed by the end of 2014 and the campaign has remained active ever since. According to tech website Arstechnia, the malware has undergone continuous development since its creation with the latest version having 48 different commands. 

"High-end mobile malware is very difficult to identify and block and the developers behind "Skygofree" have clearly used this to their advantage: creating and evolving an implant that can spy extensively on targets without arousing suspicion," The Telegraph quoted Alexey Firsh, Malware Analyst at Kaspersky, as saying. 

The discovery is concerning because of its ability to record encrypted WhatsApp messages. It is able to do this by tricking an Android feature that was designed to help users with disabilities by making apps more accessible. 

The spyware can read messages displayed on the screen through the Android Accessibility feature, including messages a victim sends on WhatsApp, Kaspersky said. The spyware relies on several other exploits to gain privileged root access that allows it to bypass key Android security measures. 

"Skygofree" is capable of taking pictures, capturing video and seizing call records, text messages, geolocation data, calendar events and business-related information stored in device memory. It also includes the ability to automatically record conversations and noise when an infected device enters a location specified by the person operating the malware. The spyware also comes with an ability to recording Skype conversations.

logo
IANS

Indo-Asian News Service

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.

DMCA.com Protection Status