SonicSpy Malware Snoops on Google Play Users via Messaging Apps

Whether it’s a British spy sneaking around a casino, or a cybercriminal looking around your device, all spies snoop to find out information. In fact, a specific type of malware exists solely to spy on and collect innocent users’ data. It’s called spyware, and it’s done some serious damage in the past. Now, a new spyware with surveillance capabilities named SonicSpy is here, and it has been weaved into thousands of malicious messaging apps– three of which have made their way onto Google Play.

These three apps, named Hulk Messenger, Troy Chat, and Soniac all contain malicious features that make them the perfect vector for cybercriminals wishing to snoop. Soniac’s capabilities in particular provide an attacker with significant control over a target device.

So, what does this control look like exactly? Once a user has downloaded a Soniac messaging app, SonicSpy malware can record audio, make outbound calls, send text messages to attacker-specified numbers, and retrieve information such as call logs, contacts, and Wi-Fi access point details.

The good news is these three apps have since been removed from Google Play. However, the remaining apps—which since February number slightly more than 4,000—are being distributed through third-party app stores. Plus, these malicious apps are also being distributed through direct phishing texts with download links. So, its important users still remain cautious.

Therefore, to ensure you don’t get snooped on by SonicSpy, follow these tips:

  • Only shop on legitimate app stores. Many of the infected applications exist outside of Google Play and are floating around on unaffiliated third-party stores. It’s crucial users only download applications from official stores, like Google Play or the Apple App store, to ensure they don’t get spied on by SonicSpy.
  • Check app reviews. Before you even download an app, make sure you head to the reviews section of an app store first. Take the time to sift through the reviews, and keep an eye out for ones that mention that the app has had issues with security or might be a bit sketchy. When in doubt, don’t download any app that is remotely questionable.
  • Don’t click. If you’re ever sent an email or a text message from an unknown source, remain wary and don’t click on any links that may be included in the message’s content. These links can carry malware, or redirect you to a malicious app in this instance.
  • Use a mobile security solution. As spyware campaigns continue to hit mobile devices, make sure your phone is prepared for any threat coming its way. To do just that, cover these devices with a mobile security solution, such as McAfee Mobile Security.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

Leave a Comment

4 × 3 =