Kaspersky Lab Warns of Extremely Sophisticated Android Spyware Tool

An Italian IT company has been using spoofed web pages to quietly distribute an extremely sophisticated Android spyware tool for conducting surveillance on targeted individuals since 2015. In an advisory Tuesday, security vendor Kaspersky Lab described the tool, named Skygofree, as containing location-based audio recording capabilities and other functionality never before seen in the wild.

Available telemetry suggests the multi-stage spyware was first developed in 2014 and has been in continuous development since then. The Android implant gives attackers the ability to take complete administrative control of infected devices and to snoop in on conversations and nearby noises when the device enters specific locations. Skygofree is also designed to steal WhatsApp messages via Android’s Accessibility Services and to connect infected devices to attacker-controlled Wi-Fi networks. Its other capabilities include the ability to surreptitiously take videos and pictures, steal call records and SMS messages, and grab geolocation data, calendar events, and other information from infected devices.

Read more about the Skygofree spyware tool, which has the ability to add itself to the list of protected Android apps on an infected device so it doesn’t get automatically shut down when the screen is turned off, on DarkReading.

 

Track the strategic threats to your business with the Threat Brief, delivered to your email daily.

Subscribe Here