SonicSpy malware has made it to the Play Store carried by thousands of apps, can use phone camera, microphone, and more
by Preslav Kateliev / Aug 14, 2017, 9:13 AM
Viruses are always a nasty thing to deal with and it has been so since the age of the first household PCs. However, malicious software, which aims to allow an attacker to steal your data or hijack your device for their purposes, is downright dangerous. Especially considering how much sensitive information we keep on our computers and our phones nowadays.
We generally feel safe and secure when downloading apps from the Google Play Store or the Apple App Store, since both marketplaces have strict rules and monitoring of each new product. However, every once in a while, hackers manage to fool the system and cheat their way through, injecting a bunch of apps with their malicious software.
Right now, there is a malware called SonicSpy on the loose, hunting for Android devices. It has been reported that more than a thousand infected apps were detected, some of which were even on the Play Store.
The apps that it masks behind are just modified Telegram messengersThe security experts over at Lookout have posted the latest on SonicSpy, its presence on the Play Store, and how it works. In every case, it seems, the malware was disguised as a chat app, fully functioning as it was, apparently, just a modified Telegram.
The blog post points towards three messengers that were found to be malicious — Soniac, Troy Chat, and Hulk Messenger. When the user downloads their app of choice, they actually download a mini installer. Once tapped, its icon disappears, the actual messenger is installed and takes the place of the old icon, and the malware hides itself in the background.
What can it do? It has full access over the camera and microphone, can make calls or send texts, can retrieve call logs, contacts, and saved Wi-Fi point information.
Scary stuff, right? The three apps were posted by account “iraqwebservice” and is believed that do, actually, originate from Iraq. Right now, however, the apps and account are all gone. Still, it's reported that SonicSpy is still being developed, so just be careful which apps you download. No need to go for that shady-looking “Best camera Insta filters viewer likes guaranteed” app right now.
Posts: 5868; Member since: May 06, 2016
Not trying to downplay this issue, but I've learnt that most spyware and viruses discovered by analysts and security firms are developed and put there by those very same security firms in the first place, so that they can be the first to discover a new virus, thus hyping up their reputation and drum up business. Just saying.
posted on Aug 14, 2017, 9:18 AM 9
Posts: 2943; Member since: Jul 02, 2014
It's called business.
posted on Aug 14, 2017, 9:37 AM 0
Posts: 14967; Member since: Sep 25, 2013
Shouldn't it be illegal? Wait...isn't this equal to pharmaceuticals creating sicknesses, so they can make money off the cure? Oh and those sicknesses they causes? Are placed on the bottle as "side effects". Because if you have side effects, then what do you have to do? Buy more meds to counteract the side effects, in which those also can have side effects and its simply a continuous loop that makes them money!
posted on Aug 14, 2017, 2:41 PM 0
Posts: 2123; Member since: Dec 27, 2016
Is that your thinly veiled way of saying Lookout infected the offending apps, as a means to drum up business? Pretty bold of you, considering you personally have zero way to back it up.
posted on Aug 14, 2017, 10:19 AM 2
Posts: 7383; Member since: Mar 16, 2013
It's a shame these apps arrive on the app stores. Because indirectly it give an OS a bad name. Yet at the end of the day the app cannot do anything to the users OS. Because the OS is still protecting the user. So it's really the people that allow that app on the store in the first place.
posted on Aug 14, 2017, 6:40 PM 0
A misleading title once more. Like stated in the article, only 3 apps have been found in the Playstore carrying this malware and they already have been removed by Google before Lookout made this announcement (although Lookout did report it first to Google)
posted on Aug 14, 2017, 9:18 AM 5
Posts: 1972; Member since: May 19, 2017
Oh here we go with the denial. I think you are overlooking the fact that malware has once again made it to the play store, but you remain clueless as ever.
posted on Aug 14, 2017, 10:13 AM 1
I'm not denying a thing, if I would be denying I would be saying there wasn't any malware in the Playstore at all. But once again websites like PA blow it out of proportions. Yet you don't see them writing an article on for instance the trident vulnerabilities of iOS. Should Google ante up their malware scanning practices in the Playstore, yes they should. Will the current state affect millions of people and worry people, hardly. You just read what you want to read and remain ignorant as ever.
posted on Aug 14, 2017, 11:37 AM 2
Posts: 14967; Member since: Sep 25, 2013
He didn't deny anything. Did you even read his post? " Like stated in the article, only 3 apps have been found in the Playstore carrying this malware and they already have been removed by Google" So right here he states ion his own post about what was found, he never denied it was found. Jerk! Such apps appear on ALL platforms, even IOS where Apple claims to be more stringent vs Google. And yet it happens.
posted on Aug 14, 2017, 2:48 PM 1
Posts: 1324; Member since: Aug 31, 2016
How did "THOUSANDS OF APPS" become 3 apps?
posted on Aug 14, 2017, 10:16 AM 6
Posts: 4220; Member since: Nov 01, 2016
posted on Aug 14, 2017, 10:46 AM 4
Posts: 2445; Member since: Mar 23, 2012
Android is a pile garbage. All the viruses in the entire world come from Android side....lol
posted on Aug 14, 2017, 10:19 AM 2
Posts: 94; Member since: Mar 25, 2017
You know I can understand experts recommending Windows over macOS and Linux but anyone recommending Android over iOS needs their head examined. I say this because Windows you can look past the malware because Windows has a simpler user interface than macOS and Linux but iOS has a simpler user interface than Android. Windows PCs are also more upgradeable than Macs thus the reason why it's preferred by gamers and businesses but neither iOS or Android can be upgraded without getting a new device thus ruining that advantage. Also the top Windows computers kill Macs on benchmarks but the iPhone kills Android phones on benchmarks. So in reality there no reason to look past Android's malware and security issues. Besides most professionals like doctors and most governments prefer iOS because it's harder to hack and is easier to use.
posted on Aug 14, 2017, 11:04 AM 0
Posts: 1548; Member since: Jun 04, 2013
1) Lots of Choices for customers. 2) Cover all price groups. 3) Better customisability, widgets & skins. 4) More closer to a mini PC with better multi tasking and working file managers. 5) Lots of free stuffs in the store. 6) Open source system and custom ROMs for those who are interested in such stuffers. 7)Follow universal standards like USB type C. 8) Easy sharing of files and stuffs between phones and computers. I'm sure all these advantages are completely useless to you so need to bother giving a reply. Lol
posted on Aug 14, 2017, 11:55 AM 0
Matt, stop digging your own hole deeper. You're seriously in denial if you don't see any benefits of owning an android over iOS. I like iPhones, one of the best devices I ever owned was an iPhone - and I would like to own one again - but with ONLY flagships offere by Apple - is forced to resort to a much cheaper device that Apple doesn't care to build! Problem is these cheaper devices are really good today - they may not offer latest and greatest, but they're so much better than owning an older iPhone model. So shut the hell up - you don't know what you're talking about.
posted on Aug 14, 2017, 12:02 PM 1
Posts: 70; Member since: Apr 28, 2015
So the lesson is don't download random apps and click all the buttons giving them tons of security permissions. Who that visits PA or any tech website actually does that? I feel like these types of articles should be more targeted at AARP magazine.
posted on Aug 14, 2017, 11:33 AM 1
Posts: 1085; Member since: Jan 17, 2014
I don't ever side-load apps from outside of Google Play Store, and even when I'm on the Play Store I don't download apps that look suspicious or have fewer than 500,000 downloads... of course, the problem is that you never really know, and you have to watch app permissions like a hawk. I do my best to manage apps safely, but it does irk me about the Play Store that things can get in and wreak havoc if somebody manages to slip something in, even under Google's watchful eye. No one is immune, of course, but somehow Apple manages to maintain the myth and appearance that this does not ever happen in their ecosystem.
posted on Aug 14, 2017, 3:56 PM 0
Send a warning to post author
Send a warning to Selected user.
The user has 0 warnings currently.
Next warning will result in ban!
Ban user and delete all posts
Message to PhoneArena moderator (optional):