Great Moto G Stylus deal on Amazon!

This Russia-linked spyware disguised as Android 'Process manager' app can track and record you

By
1comment
Android
This Russian malware disguised as Android 'Process manager' process can track and record you
Android spyware masquerading as a process manager app may have a possible link to the Russian hacking group Turla , advise Lab52 security researchers. The group has been designated an APT (Advanced Persistent Threat) maker which usually denotes a nation state or state-sponsored entity that lodges malware exploits in computer networks that are then able to lie dormant and send information to their creators for a long period of time.

The Process manager app has been detected to send information to IP addresses associated with Turla's operations, though it can't be proved with certainty that they belong to the group or that the information obtained is then used for nefarious purposes. In any case, upon installation the app gets a number of permissions that include the following:

  • Access coarse location
  • Access fine location
  • Access network state
  • Access WiFi state
  • Camera
  • Foreground service
  • Internet
  • Modify audio settings
  • Read call log
  • Read contacts
  • Read external storage
  • Write external storage
  • Read phone state
  • Read SMS
  • Receive boot completed
  • Record audio
  • Send SMS
  • Wake log

As you can see, most of these are a serious threat to your privacy if used with malicious intent, especially the location tracking and voice recording, but the camera use permissions, too. The app is rather inconspicuous otherwise, marked with a cogwheel icon as if a settings and system app, which disappears upon the automatic granting of the aforementioned permissions. It then launches a persistent notification in the status bar that may be a telltale sign your phone is being watched. 

Recommended Stories
The reason that the Lab52 researchers indicate the process management app as weak threat despite its possible Turla connection, is that the persistent notification that the app is running is clearly visible, plus the app is part of a monetization infrastructure that hides in popular affiliate networks like the one linked to the popular Roz Dhan: Earn Wallet Cash app above. 

That's not a typical stealth behavior yet if you have installed some of those affiliate programs you can still look for the process manager app and revoke permissions or, better yet, uninstall them all if you are worried about your phone's security.
https://m-cdn.phonearena.com/images/users/59-200/Daniel-P.jpg
Daniel Petrov Senior Mobile Tech Journalist and Reviewer
Daniel, a devoted tech writer at PhoneArena since 2010, has been engrossed in mobile technology since the Windows Mobile era. His expertise spans mobile hardware, software, and carrier networks, and he's keenly interested in the future of digital health, car connectivity, and 5G. Beyond his professional pursuits, Daniel finds balance in travel, reading, and exploring new tech innovations, while contemplating the ethical and privacy implications of our digital future.

Recommended Stories

Loading Comments...

Popular stories

T-Mobile is now going to dictate where you can use its 5G internet
T-Mobile is now going to dictate where you can use its 5G internet
Samsung's killer Galaxy Watch 6 Classic trade-in deal comes just in time for Mother's Day
Samsung's killer Galaxy Watch 6 Classic trade-in deal comes just in time for Mother's Day
Apple signals the imminent release of the iPad Air (2024) and iPad Pro (2024)
Apple signals the imminent release of the iPad Air (2024) and iPad Pro (2024)
The speedy iPad Mini 2021 is even sweeter than usual after a lovely discount on Amazon
The speedy iPad Mini 2021 is even sweeter than usual after a lovely discount on Amazon
Verizon customers need to be on red alert as a phishing campaign aims to steal their money
Verizon customers need to be on red alert as a phishing campaign aims to steal their money
Apple Watch X render shows new magnetic band mechanism that could lead to longer battery life
Apple Watch X render shows new magnetic band mechanism that could lead to longer battery life

Latest News

T-Mobile confirms major 5G network upgrades in Louisiana
T-Mobile confirms major 5G network upgrades in Louisiana
Apple needs a $250 iPhone to boost sales but it doesn't want to make "stripped-down, lousy products"
Apple needs a $250 iPhone to boost sales but it doesn't want to make "stripped-down, lousy products"
Grab the smaller-sized Galaxy Watch 6 at bargain prices through Amazon's deal
Grab the smaller-sized Galaxy Watch 6 at bargain prices through Amazon's deal
Galaxy S21 and S22 owners facing green line issue will get free screen replacement in one country
Galaxy S21 and S22 owners facing green line issue will get free screen replacement in one country
AT&T's first kid-friendly tablet is here with a fun design and great price
AT&T's first kid-friendly tablet is here with a fun design and great price
LeBron James may have leaked Apple's next big Beats product
LeBron James may have leaked Apple's next big Beats product
FCC OKs Cingular\'s purchase of AT&T Wireless