
It accesses encrypted WhatsApp messages through the Accessibility Services created to help visually or aurally impaired users by scanning what's displayed on the device's display, and can also hijack calls, SMS messages, calendar entries and other information.
The implant, named Skygofree includes functionality never seen in the wild before, such as location-based audio recording through infected devices.
The company says that the malware is called Skygofree (named after one of the domains on which it was first spotted), and is usually disguised as a downloadable app on fake sites created to resemble those of mobile carriers, and promises to increase your internet speeds.
The malware is able to carry out location-based audio recordings, meaning it can automatically begin recording the device's surroundings when that device enters a specified place.
Overall, 48 different commands are available to execute by the attackers, Kaspersky explained.
Dubbed Skygofree, the malware was first developed back in 2014 and has gone through a number of code rewrites since then. One Android ransomware found by ESET in October used Android accessibility permissions to activate device administrator rights and silently set itself as the default Home app. Skygofree uses it to grab WhatsApp messages displayed on the screen. Skygofree is capable of taking pictures, capturing video, and seizing call records, text messages, gelocation data, calendar events, and business-related information stored in device memory.
Skygofree can also connect a user's phone to Wi-Fi networks controlled by the attackers, providing them with more access to the device.
More news: Eddie Izzard fails to get elected to Labour's guiding committeeKaspersky Lab has uncovered a new security vulnerability affecting Android devices, claiming it's one of the world's most powerful Android spyware tools.
"Mobile spyware is becoming more effective than PC variants, because victims keep their mobile phone close by them at all times, and such implants can exfiltrate a large amount of sensitive information", Vicente Diaz, Deputy Head of Global Research and Analysis Team at Kaspersky Lab told ZDNet. Many domains are registered for this objective.
The company also found that the spyware appears to be targeting Windows users with recently developed modules.
The victims of this malware were all located in Italy, Kaspersky Lab reported, and it was unclear why they were targeted.
While Alexey Firsh, one of the analysts who wrote the report, warns, "High-end mobile malware is very hard to identify and block and the developers behind Skygofree have clearly used this to their advantage, creating and evolving an implant that can spy extensively on targets without arousing suspicion".
Kaspersky Lab is confident that the developer behind the Skygofree implants is an Italian IT company that offers surveillance solutions.
Related News:
-
Drew Brees rumors: Saints can't use franchise tag
Though there might not be any drama surrounding where Brees winds up, it will be interesting to see what his next deal looks like. So they will have to agree to a new contract at some point before March 16 to keep other suitors from getting a crack at him.Former First Coast receiver Stepherson dismissed from Notre Dame team
Stepherson allegedly walked out of the store with a pair of Nautica sweatpants while Holmes allegedly took a Nautica coat. Stepherson led the Irish with five touchdown catches, despite missing the first four games for an undisclosed suspension.Arron Afflalo, Nemanja Bjelica Ejected from Timberwolves vs. Magic for Fighting
Afflalo played just five minutes, going scoreless and grabbing one rebound before he was tossed. A insane fight broke out in the second quarter of the Magic-Timberwolves game on Tuesday night. -
Carillion liquidation casts doubt on £350m under-construction Birmingham hospital
A Transport Scotland spokesman said: "First of all, our thoughts are with the Carillion workers affected by the announcement". One person on site, who did not want to be identified, said there were 100 staff there - both Carillion and subcontractors.The Price Of These Cryptocurrencies Just Crashed And Here's Why
"This latest crypto-currency hack shows how virtual currency has become a new business model for cyber criminals". This drop in the market is making quite an impact considering just a month ago Bitcoin's value was at $20,000.Trump has high regard for Nigerians -US Ambassador
The minister on Monday summoned the U.S. ambassador to clarify issues regarding the alleged "shithole" remark made by Trump. Tope Ade Elias-Fatile, the U.S Deputy Chief of Mission said his country continue to hold Nigeria in very high regards. -
A new Fable game is reportedly in the works at Playground Games
It seems that Sony's PS4-exclusive Horizon: Zero Dawn provided renewed interest in the open-world RPG genre for Microsoft . Well, the report says that the game is planned to be an open world world action RPG with a focus on character and story.Shell Gives North Sea Shot in Arm With Field Redevelopment
Shell expects its floating platform will have a peak production capacity of around 45,000 barrels of oil equivalent per day. Many North Sea platforms have shut down in recent years as oil prices had languished at historically low levels.Jo-Wilfried Tsonga storms back in 5th set; Rafael Nadal moves on
The Canadian had defeated Stefanos Tsitsipas 6-1, 6-3, 7-6 (5) of Greece in the Australia Open's first round. Shapovalov went on to make the round of 16 before his dream run was stopped by Pablo Carreno Busta . -
Ben Stokes charged over Bristol nightclub brawl
England are now in Australia , where they lead the hosts 1-0 after the opening match of a five-game one-day series. Without Stokes England lost the Ashes to Australia 4-0.Steve Bannon on Capitol Hill for House Intel hearing
Schiff of California, the panel's top Democrat, told reporters that the White House's stance was "completely unsustainable". He said he expected Bannon to return to the committee soon, without any restrictions demanded by the White House.Trump, Republicans Will Be Blamed for Government Shutdown, New Poll Finds
He accused Democrats of wanting to shut down the government over the immigration issue. "We're going to have a CR", said Rep. Democrats are demanding that a DACA fix be part of a spending bill that must pass by Friday to keep the government open.