Skygofree Android Malware with the Ability to Steal WhatsApp Messages | Digitalbog

Header Ads

Skygofree Android Malware with the Ability to Steal WhatsApp Messages

Security researchers have identified a sophisticated piece of software that has been used to gain full control of people’s Android phones and steal information.
The “Skygofree” spyware implant has been in use since 2014, according to researchers at Russia’s Kaspersky Lab. The team noted that it had interesting functionality that have never been seen in the wild before.
                                         
       Skygofree Android Malware Steals WhatsApp Messages
                                     
In the malware's arsenal of weapons is the ability to track user location, record audio when the target’s phone enters a specific location, connect to attacker-controlled networks, monitor messaging apps, intercept text messages, take photographs, and much more. Kaspersky says its capabilities are " similar to Hollywood spy movies."

The tool, which is “spread through web pages mimicking leading mobile network operators,” can also be used to steal WhatsApp messages, Kaspersky Lab said. The researchers added that Skygofree was “also capable of taking pictures and videos, seizing call records, SMS, geolocation, calendar events and business-related information stored in the device’s memory.”


This appears to be a high-end piece of spyware. With the victims so far all appearing to be in Italy, Kaspersky Lab suggested that whoever created the surveillance tool was likely Italian as well.

“Given the artefacts we discovered in the malware code and our analysis of the infrastructure, we have a high level of confidence that the developer behind the Skygofree implants is an Italian IT company that offers surveillance solutions, rather like Hacking Team,” Kaspersky Lab malware analyst Alexey Firsh said in a statement.

Italy’s Hacking Team security firm hit the headlines a few years back when the company was itself hacked, revealing how it had provided surveillance tools to a variety of foreign governments. These included the human-rights-violating regimes of countries such as Egypt, Uzbekistan, and Sudan, and in 2016 the Italian government responded by revoking Hacking Team’s export license.

Although Skygofree seems to have been most widely distributed in 2015, Kaspersky Lab said its surveillance campaign was still ongoing.

source

No comments