Android slip up
Anti-American anti-virus peddlers Kaspersky Lab has warned that Skygofree might well be the most advanced Android malware ever seen. And the best bit? It’s been around for the last 3 years.
Skygofree, spreads itself through web pages that pretend to be leading mobile operators. It uses many very clever features that have never been seen in the wild:
– Location based sound recording – when an infected user enters a specific location, it can turn on the mic and record any audio it wants
– Ability to intrude the Accessibility Services to nick WhatsApp messages
– Connect an infected devices to any Wi-Fi networks the attackers control
So far, all victims of the attack have been in Italy. This fact makes the researchers speculate the developers themselves are likely to be Italian.
Spyware is scary
Skygofree is a variation of multi-stage spyware that lets attackers have complete remote control of an infected device. It’s been going through continuous development since it was created at the end of 2014, according to Kaspersky. They said:
“The implant carries multiple exploits for root access and is also capable of taking pictures and videos, seizing call records, SMS, geolocation, calendar events and business-related information stored in the device’s memory,”
Really sneakily, the malware adds itself to the “protected apps” list so it’s not even switched off when the screen is off. Nice.
Securelist.com has released a full list of commands, how you can tell if you’re infected, domain addresses used and the phones it targets in a blog post you can read in full here.
Some heavyweight overpaid lawyer at Kaspersky was very, very keen for us to really stress that all this is nothing to do with everyone’s favourite Australian media owner Rupert Murdoch, and is nothing whatsoever to do with Sky, Sky Go or anything else related to Sky. Murdock has already worked out how to legally extract lots of money from lots of us, so he doesn’t need this kind of thing. 😉