Android users have a new threat to be aware of: tracking applications that take information from the devices they attack. Some apps made their way to Google Play, however, most by far are coming from other online sources.
These tracking applications can collect almost any type of data, including SMS tracking, and other personal information like internet surfing habits, user logins, and bank or credit account information.
Analysts from SophosLabs and other organizations have discovered three cases of SonicSpy-infused apps in Google Play: Troy Chat, Soniac, and Hulk Messenger - messaging applications that cover their tracking performance and wait for orders from command-and-control servers.
Google removed the applications from its store after they were found. Researcher Chen Yu said the Google Play versions had “small installation numbers and remained for a brief time”. In spite of the fact that three were found on Google Play, SophosLabs has counted 3,240 SonicSpy applications in the world. A few reports put the number at 4,000. According to various reports, a single bad actor, listed on Google Play as Iraq web service, has delivered these applications since February.
How do they work?
These tracking applications, known as SonicSpy, share the capacity to:
- Silently record audio
- Take photos with the mobile phone’s camera
- Send SMS to whatever telephone numbers the attacker wants
- Make calls and pilfer data
- Recover information from contacts, Wi-Fi access points, and call logs
On the devices it attacks, SonicSpy removes its launch icon to cover itself and then connects to a control server.
Since these tracking Android applications continue to exist, we must utilize an Android antivirus like the free Sophos Mobile Security for Android. By blocking the installation of the tracking applications, regardless of the possibility that they originate from Google Play, you can save yourself much trouble.
In the bigger picture, the average Android user wouldn’t recognize what performances the malware used to achieve their phone’s doorstep, yet they can do much to secure it from getting in, particularly with regards to the applications they pick. With that in mind, here’s some more general advice:
Keep away from applications with a low reputation. In the event that nobody knows anything about a new application yet, don’t install it on a work phone! You will be accused if something turns out badly, and your IT department definitely won’t be happy.
- Always stick to Google Play. Maybe it isn’t perfect, but Google puts much effort into avoiding tracking application arriving in the first place or cleansing it from the Play Store if it appears. Conversely, various alternative markets are almost a free for all, so application creators can upload anything they want, and much of the time do.
- Fix early, fix frequently. When purchasing a new mobile phone, check the vendor’s attitude to updates and the speed with which the patches arrive. Why not put “quicker, more effective fixing” on your list of desirable features, alongside or before the equipment advances like “better camera” and “higher-res screen”?