New Pegasus? Alert about malware that steals data from Android smartphones

Posted: Nov 11, 2021 22:03 GMT

The malicious program has attacked the smartphones of more than a thousand users in South Korea.

Last summer, the existence of the Pegasus spyware, from the Israeli company NSO Group, revealed by a media consortium in a joint investigation, shocked the world. This Wednesday, researchers from the cybersecurity company Zimperium zLabs warned about the detection of new malware, called PhoneSpy, which has already affected numerous Android users in South Korea.

So far, the program has damaged the phones of more than 1,000 individuals in that country. “The malicious group behind this invasive campaign has gained access to all data, communications and services of their devices,” Zimperium zLabs stressed.

How does it work and what functions does it have access to?

Spyware routinely infiltrates devices by exploiting vulnerabilities. In the case of Pegasus, for example, what is known as a trap link is sent, which persuades the victim to tap it and thereby activate the spyware. There is also a ‘zero-click’ strategy, in which the program is installed without user intervention.

PhoneSpy, meanwhile, is disguised and presented as a regular application, with themes ranging from yoga to viewing photos and videos. In total, the presence of the spyware has been detected in 23 apps.

The experts pointed out that these applications are not available in any Android app store, which suggests that the hackers are using “distribution methods based on redirection of web traffic or social engineering” in this case.

Richard Melick, author of a blog on the Zimperium zLabs site, detailed in a comment to the TechCrunch portal that cybercriminals use tools such as phishing to infiltrate their victims’ phones, “tricking the end user into downloading what they think is a legitimate application from a compromised website or direct link.”

By seizing an Android smartphone, the malicious program allows the attackers to access the camera, take photos, and record video and audio. Among other things, hackers can also monitor GPS coordinates, steal messages, contacts and call records and test the mobile in question in a controlled way. In that sense, the capabilities of PhoneSpy are similar to those of Pegasus, according to an assessment on the Threatpost portal.

Zimperium zLabs has not determined who is spreading and using PhoneSpy, but said it reported the discovery to South Korean and US authorities. The company offered the host of the command-and-control server its help in taking down the malware. However, the spyware is still active.

About the author

Donna Miller
