Malware ‘SonicSpy’ Sneaks Into Google Play Store; Records Calls, Takes Photos and Sends Texts

This is the latest in a series of malware infected apps on Play Store


Hand holding mobile smart phone

Google Play Store and Android are often plagued with malwares, and usually Google is quick in releasing software fix to upgrade the security in Android smartphones. WannaCry ransomware was probably the last largest threat to PCs and electronics in general.

Some researchers at Lookout have found another malware family called ‘SonicSpy’, that has been included in more than a thousand apps. Around three of these apps have reportedly bypassed Google’s security measures and are available in Google Play Store, affecting smartphones when downloaded.

What Is This SonicSpy Malware?

Since February 2017 these apps, infected with SonicSpy, have been released on Google Play Store, originating from Iraq. Three such apps have been able to clear all of Google’s security measures.

Soniac, a messaging app available on Google Play Store, is one of these apps that provided messaging functions through a customized version of the Telegram communications program. It has around 1,000 to 5,000 downloads already.

It gave the smartphone permissions to take photos from camera, record calls and steal logs, make outbound calls, send text messages to attackers and retrieve personal information from the phone. All this happens without the user’s awareness and permission, and leaves the user vulnerable to data theft.

“Upon first execution SonicSpy will remove its launcher icon to hide itself from the victim, establish a connection to C2 infrastructure, and attempt to install its own custom version of Telegram that is stored in the res/raw directory and titled su.apk,” the blog Lookout said.

There are two other apps – Hulk Messenger and Troy Chat that contain the same functionality as Soniac. Both these apps have been removed since launch when Google developers realized that they contained malware.

What Can You Do To Keep Yourself Safe?

It’s the 21st century and attacks have now moved online. Spywares and malwares are equally dangerous and you must ensure completely safety before even going online.

Firstly, you should stay away from apps that look shady and have poor reviews.

Secondly, exercise all precaution by using free anti-malwares available online. They help to reduce such attacks. Even though Google releases monthly security updates, it doesn’t hurt to take precautions at user’s end as well.

Lastly, don’t wander off to shady websites to download content. These are usually the source of all malware and spyware. These malware might be removed right now, but can surface up anytime in the future.

SpyNote was one such malware that surfaced last year in US and now it is SonicSpy. Download only those apps that have decent ratings and enough reviews.

Leave A Reply

Your email address will not be published.

who's online