Kaspersky uncovers 'world's most powerful' Android spyware tool, Skygofree

The spyware steals WhatsApp messages and your passwords

Trojan virus

KasperskyLab has uncovered a new security vulnerability affecting Android devices, claiming it's one of the world's most powerful Android spyware tools.

Named 'Skygofree', the threat apparently enables attackers to hack into Android smartphones and tablets and extract WhatsApp messages from victims' devices.

"The malware can also monitor popular apps such as Facebook Messenger, Skype, Viber, and WhatsApp," Kaspersky'sAnna Markovskaya revealed in a blog post. "In the latter case, the developers again showed savvy; the Trojan reads WhatsApp messages through Accessibility Services."

The tool is not a new one, either. While it was only recently discovered, the Russian security giant says it dates back as far as 2014.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Warning of the dangers of the spyware tool,Markovskaya explained that Skygofree can not only take audio from a smartphone's microphone when it's in a certain location, but also force infected devices to surreptitiously connect to a Wi-Fi network and gather even more personal data. This, the firm said, lets it collect and analyse a victim's web traffic, meaning someone somewhere will know exactly what sites they looked at and what logins, passwords, and card numbers they entered.

"The payload uses the Android Accessibility Service to get information directly from the displayed elements on the screen, so it waits for the targeted application to be launched and then parses all nodes to find text messages,"Markovskaya said.

"Essentially, Accessibility Services provide[s] a nice route into other applications as they have permission to do so, via an application programming interface (API)."

In a seperate SecureList blog, Kaspersky security experts concluded thatSkygofree is "one of the most powerful spyware tools that we have ever seen for this platform". Nevertheless, the teamsaid it has only logged a few infections of the tool, and those have all been in Italy. While that doesn't sound very scary unless you live in Italy, the firm said that this doesn't mean that users in other countries can let their guard down, as malware distributors can change their target audience at any moment.

Kaspersky'sMarkovskaya issued three ways users can protect themselves against this advanced Trojan, just like any other infection.

The first is by only installing apps only from official stores and disabling installation of apps from third-party sources, which you can do in your smartphone settings.

Advertisement - Article continues below

The second is by not downloading an app if you're in any doubt whatsoever.

"Pay attention to misspelled app names, small numbers of downloads, or dubious requests for permissions any of these things should raise flags,"Markovskaya also warned.

Finally, she advised that users should install a reliable security solution in order to protect your device from most malicious apps and files, suspicious websites, and dangerous links.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/business-strategy/mergers-and-acquisitions/354602/xerox-to-nominate-directors-to-hps-board-reports
mergers and acquisitions

Xerox to nominate directors to HP's board – reports

22 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020