04 January 19, 11:51
Quote:Once again a spyware disguised as Android applications has made its way into the Google Play store with some of the malicious apps being downloaded more than 100,000 times by users across the globe last year.
Detected as ANDROIDOS_MOBSTSPY and dubbed MobSTSPY, Trend Micro researchers said the malware initially grabbed their attention when it was disguised as a called Flappy Birr Dog.
Upon further investigation, researchers found the the spyware was also hidden in other applications including FlashLight, HZPermis Pro Arabe, Win7imulator, Win7Launcher, and Flappy Bird, according to a Jan. 3 blog post.
The malware has the capability to steal SMS conversations, contact lists, files, and call logs and can steal and upload files stored on the device if the commands are given and uses Firebase Cloud Messaging to send information to its server..
MobSTSPY can also gather additional information via phishing attacks mimicking Facebook and Google credential request pop-ups to steal user’s account details. Even after the victim enters their credentials the pop up will simply state the login was unsuccessful.
Source: https://www.scmagazine.com/home/security...ogle-play/