New mobile malware is straight out of a Hollywood spy movie

January 18, 2018

By

Here at Komando.com, our goal is to keep you safe in this constantly evolving world of digital threats and dangers. Just last year, we warned you about the most sophisticated Android attack ever called the Chrysaor aka Pegasus for Android,  a type of spyware that can completely take over your smartphone.But as technology gets updated constantly, guess what gets regular upgrades, too? Yep, malware tools. Malware makers and black hat hackers are skilled programmers themselves and they constantly tweak and improve the tools of their trade to keep up with the times.As such, you’ll be blown away by this newly discovered malware. It’s got all the wizardry and gizmos even the most sinister James Bond supervillain will definitely love. It’s called “Skygofree,” the latest in industrial grade mobile espionage.

“No, Mr. Bond, I expect you to spy”

According to a new report from cybersecurity company Kaspersky Lab, “Skygofree” is “one of the most powerful spyware tools” they have ever seen on Android and its multiple capabilities are “reminiscent of Hollywood spy movies.”Kaspersky spotted Skygofree late last year but evidence shows that it has been active since 2014. But in three years, it has evolved from a simple form of malware to an advanced spying Swiss Army Knife of sorts.Its advanced functions include:

Skygofree’s audio recording prowess is so advanced that it can automatically turn on a phone’s mic and record sounds when the infected gadget enters a specific location. It can also turn on the front-facing camera and take selfie shots without the victim’s knowledge. Just imagine what the cybercriminals can do with all the stolen shots!A first is Skygofree’s ability to spy on encrypted messages (like the ones sent through WhatsApp or Facebook Messenger) by exploiting Android’s Accessibility Service. This service is meant for assisting people with disabilities but Skygofree abuses the system function that reads what is on a phone’s screen.But wait, there’s more! Another new feature is its ability to automatically connect infected gadgets to Wi-Fi networks controlled by its masters. With this function, the bad guys can view web histories, redirect traffic and insert any man-in-the-middle attacks they wish.With this comprehensive grab bag of malicious tools, this new malware is certainly a spying dream!

Where did  Skygofree come from?

Kaspersky researchers warn that Skygofree is spread via fake web landing pages that mimic the websites of mobile carriers. The domains they use have been active since 2015 and their campaigns are still in effect.Further analysis revealed that the malware has traces of the domain name h3g.com, registered to an Italian IT company called Negg International.Thankfully, Kaspersky has only detected a few infections for now and they all seem to originate from Italy as well, the malware’s suspected country of origin.

Protect yourself from Android malware

Android security risks are growing each day so it’s vital that Android owners are taking proactive measures to protect themselves:

Have a question about Android phones? Kim has your answer! Click here to send Kim a question, she may use it and answer it on her radio show. The Kim Komando Show is broadcast on over 450 stations. Click here to find the show time in your area. 

These 4 malicious Chrome extensions are infecting more than half a million users

In related news, are your Google Chrome extensions safe? Check them now, you might have one of these nasty add-ons installed. Click here to learn all about them.

https://www.komando.com/tips/cybersecurity/new-mobile-malware-is-straight-out-of-a-hollywood-spy-movie/