The samples of 'SonicSpy' most recently found on the Play Store, called 'Sonic', is marketed as a messaging app, the researchers said on Sunday. It has infected more than 1,000 additional apps hosted at third-party Android app stores.
The malware gives attackers control over the device and allows them to silently record audio, make calls, retrieve call logs, contacts and take photographs, the company said in a blog post.
While 'Sonic' does provide this functionality through a customized version of the communications app 'Telegram', it also contains malicious capabilities that provide an attacker with significant control over a target device.
The infected applications that entered Google Play Store are 'Troy Chat', 'Hulk Messenger' and 'Sonic Messenger'.
The company said the analyzed samples contained similarities to 'Spygate', a malware family that was first reported in 2016.
Using Android applications to spread malware is becoming common these days.
A new batch of spyware named 'Lipizzan' that could capture users' text messages, voice calls, location data, and photos was discovered and blocked by Google in July.
Google, in a blog post, said it discovered a new family of Android spyware while investigating another spyware named 'Chrysaor'.
'Lipizzan' spyware was capable of performing tasks that include taking screenshots, taking pictures with the device camera, recording from the device's microphone, call recording and location monitoring.
News Source: TECH2Last modified on Tuesday, 26 September 2017