Researchers at a security company called ‘Lookout’, have identified family of malwares, referred as SonicSpy. SonicSpy can hijack android device and remotely control the smartphones. Samples of Sonicspy was recently found on Google Playstore. Soniac app on Google Playstore, which is marketed as messaging app has infected thousands of other apps hosted on third-party Android app stores.
Malware allows the attacker to control the device, silently record audio, make calls, retrieve call logs, contacts and take photograph. Lookout said in a blog post. While ‘Soniac’ does provide this functionality through a customized version of the communications app ‘Telegram’, it also contains malicious capabilities that provide an attacker with significant control over a target device.
The infected applications that entered Google Play Store are ‘Troy Chat’, ‘Hulk Messenger’ and ‘Soniac Messenger’. The company said the analysed samples contained similarities to ‘SpyNote’, a malware family that was first reported in 2016. Using Android applications to spread malware is becoming common these days.
Earlier, new batch of spyware named ‘Lipizzan’ that could capture users’ text messages, voice calls, location data and photos was discovered and blocked by Google. Google, in a blog post, said it discovered a new family of Android spyware while investigating another spyware named ‘Chrysaor’. ‘Lipizzan’ spyware was capapable of performing tasks that include taking screenshots, taking pictures with the device camera, recording from the device’s microphone, call recording and location monitoring.