The more popular the mobile phone system becomes, it becomes more attractive to hackers. It seems that Google Play Store, as well as most other third-party App Stores, were recently burdened with thousands of malware apps. These spyware apps are geared to monitor practically anything a mobile user does, and even execute commands from the hacker. Most of these spyware apps belong to a malware group named SonicSpy that has been spreading since the February of 2017, usually masquerading as a messaging app. To make the pretense even more believable, this malware can actually perform the messaging service it pretends to be!
Spyware that can do a lot of damage
It seems that more the Android system is developed, it attracts even more and more dangerous malware. As the distributor of the official software, Google Play Store is making all the attempts to remove all malware, but with the number of malware cropping up, it seems like trying to find a needle in a haystack, third-party app stores is an even greater problem. The estimate concerning this latest flood of malware is over of a thousand infected apps.
The most recent batch of spyware belonged to the SonicSpy malware group and was discovered by researchers at the Lookout mobile security company. Pretending to be an official messenger service, the malware was spread under the names such as "Soniac," "Hulk Messenger" and "Troy Chat." Google Play Store acted to remove the spyware, but it is quite possible that these infected apps are still available through third-party app stores.
While the user innocently thinks he is exchanging messages with a friend, the malware would be able to record calls and microphone audio, hijack the camera and make snapshots, but also make outbound calls and send text messages directed by the hacker. As with other such malware, it was able to steal the relevant user information including Wi-Fi access points, making it possible to track user's location.
According to the researchers, the source of all SonicSpy malware seems to originate from a developer located in Iraq. They base this conclusion on the fact that there are similarities to another string of Android malware discovered in July 2016 and named SpyNote, supposed Netflix app, also connected with an Iraqui hacker.
How to avoid spyware
Of course, it is very hard for the end user to distinguish between legitimate and malware apps, there are always certain precautions that can help in avoiding damaging apps. While Google Play Store has an arduous task of eradicating such malware, it is still the most reliable source of Android apps, and the users should try to stick to known and trusted brands of apps. It is always advisable to check user reviews and grant permissions to the apps only for the functions they are supposed to perform.
While third-party app stores seem to offer better deals and more free software, they are usually more infested with malware because they have less stringent controls. As is the case with computers and tablets, mobile phones also need to be supplied with a good antivirus software, usually the first barrier to any malware attack, no matter how effective it is.