• News
  • Tech

Malware 'Skygofree' can steal WhatsApp messages from Android phones

Malware 'Skygofree' can steal WhatsApp messages from Android phones

Kaspersky Lab on Tuesday sounded the alarm about the discovery of highly advanced surveillance software that it said can infiltrate Android mobile devices and gather "targeted" information without users' consent.

All of these are naturally fraught with risks for the device owner, but the ability to control the device's Wi-Fi is especially concerning, because it allows the criminals to connect it to a network they control and intercept all of your internet traffic including passwords and credit card numbers.

The malware, called Skygofree, has been in existence since 2014 and is now limited only to Italy. The activities continue: the most recently observed domain was registered on October 31, 2017.

In order to monitor apps like WhatsApp and Skype, Skygofree needs access to Accessibility Services, which requires the user's permission.

But researchers have also discovered Skygofree-related files suggesting the Android spyware might have payloads and variants for infecting Linux (Busybox) and Windows systems, albeit no such infections were identified.

Researches at Kapersky Labs say this malware has been around since 2014 and has been dubbed "SkyGoFree".

Skygofree is even capable of activating geofences that trigger audio recording once the infected device enters a certain area.

Kaspersky Lab researchers have discovered multi-stage spyware it calls Skygofree that could give a cybercriminal full control of an infected device.

"Users are further advised to exercise caution when they receive emails from people or organizations they don't know, or with unexpected requests or attachments - and to always double-check the integrity and origin of websites before clicking on links", says Kaspersky Lab. It is also able to "grab a lot of exfiltrated data, like call records, text messages, geolocation, surrounding audio, calendar events, and other memory information stored on the device. Due to this feature, it is clear that the developers paid special attention to the work of the implant on Huawei devices", researchers wrote.

"Given the artifacts we discovered in the malware code and our analysis of the infrastructure, we have a high level of confidence that the developer behind the Skygofree implants is an Italian IT company that offers surveillance solutions, rather like HackingTeam", Firsh added.

Tracking the device's location, and record audio at specified locations.

Kaspersky found it was distributed through fake mobile operator websites disguised as an update to improve mobile internet speed, and has traced it to having infected several devices within Italy, with no known cases in the United Kingdom or elsewhere to date. This could be used to launch man-in-the-middle attacks against the victim by setting up a malicious hotspot nearby and redirecting the user to rogue websites.

Leave Your Comment

Leave Your Comment


Latest News

Breaking News



Recommended

She's here! Kim Kardashian West announces the Arrival of her Baby Girl

In November, she admitted to Entertainment Tonight that the process of surrogacy has been a hard experience for her family, too. I swear.it's about to be the best ratings KUWTK has ever had! "She didn't know at the beginning", Kim explained.

Suspect charged in brutal stabbing of UPenn student Blaze Bernstein

In the affidavit, Woodward said he waited for an hour for Bernstein to return to the auto and then tried to reach him on Snapchat. He's now behind bars on suspicion of involvement in Blaze's death, though no formal charges have been made yet.

Donald Trump-Based Novel Fire and Fury is Headed to TV

After that, Trump was accused of calling several nations "sh**holes" during a meeting with Senators about immigration. He used Sloppy Steve Bannon , who cried when he got fired and begged for his job.

Deadly blowfish guts sold at grocery; Japanese city officials send emergency warning

Three of the packages of fish have been recovered by authorities, but two others remain at large. There is no antidote to the poison.

'I am not a racist,' President Trump declares tonight

Embassy in Pretoria said on Friday that the U.S. commitment to Africa's "continued growth and success is unwavering". Republican Senators Tom Cotton of Arkansas and David Perdue of Georgia appeared on political talk shows on Sunday.

Up to four inches of snow expected in parts of Northern Ireland

Widespread heavy snow is forecast for the Borders throughout tomorrow, with more likely to follow the day after. Today's snow warning has been raised to amber by the Met Office , with up to 10cm falling at low levels.

White House doctor says President Trump is 'very healthy'

Jackson said, Trump "is more enthusiastic about the diet part than the exercise part but we're going to do both". Jackson also said he plans to up the president's dosage of a medication meant to lower his cholesterol.

Pastor defends denouncing Trump's 'shithole' comment in front of Pence

Mr Pence's office denied he became embarrassed in an email to news agency The Associated Press. The historically black church was established a year after the Emancipation Proclamation.

Macron set to pressure Britain

It followed claims from Paris sources that President Macron had managed to "strong arm" Britain into a deal. Many migrants want to try to enter illegally into Britain and remain in and around Calais .

Wave of lawsuits filed to block net-neutrality repeal

He said he does not believe a vote to overturn the FCC decision would get a majority in the U.S. In a statement , Senate Democrats said the bill has support of all 49 Democratic senators.