Last week, ArsTechnica reported a claim made by security researchers: that a single threat actor has aggressively swamped Android users with 4000 spyware apps this year—with at least three of the apps making their way onto the official Google Play Store.
One of the successful apps, called Soniac, had up to 5000 downloads before it was eventually pulled from the Play Store. Soniac used a customized version of Telegram to provide messaging functions—and also had the ability to record audio, make calls, send texts and retrieve a whole host of data, all without the user’s knowledge.
Two other apps, Hulk Messenger and Troy Chat, were available in the Play Store but were later removed.
However, it’s claimed that there are over 4000 similar spyware apps that are currently in circulation through other channels, including unofficial app markets and targeted text messages.
These apps form part of a family of malware known as SonicSpy, similar to SpyNote, a malicious app that was identified last year.
The increasing amount of these apps should serve as a stark warning against downloading apps from unofficial app markets, from unknown websites or through direct links sent via DMs, text messages or emails. Of course, that three of the apps in question here were available in the App Store means that extra vigilance is necessary. Never download an app without real credentials, from a developer you can’t verify, and with one a few downloads.
Your privacy is easily lost. Download apps only from official stores and well-known developers—and keep your privacy safe.