Kaspersky said that on the basis of the observed samples and the signatures, it found that the early versions of this Android malware were developed by the end of 2014 and the campaign has remained active ever since. According to tech website Arstechnia, the malware has undergone continuous development since its creation with the latest version having 48 different commands.
“High-end mobile malware is very difficult to identify and block and the developers behind “Skygofree” have clearly used this to their advantage: creating and evolving an implant that can spy extensively on targets without arousing suspicion,” The Telegraph quoted Alexey Firsh, Malware Analyst at Kaspersky, as saying.
The discovery is concerning because of its ability to record encrypted WhatsApp messages. It is able to do this by tricking an Android feature that was designed to help users with disabilities by making apps more accessible.
The spyware can read messages displayed on the screen through the Android Accessibility feature, including messages a victim sends on WhatsApp, Kaspersky said. The spyware relies on several other exploits to gain privileged root access that allows it to bypass key Android security measures. “Skygofree” is capable of taking pictures, capturing video and seizing call records, text messages, geolocation data, calendar events and business-related information stored in device memory.
It also includes the ability to automatically record conversations and noise when an infected device enters a location specified by the person operating the malware. The spyware also comes with an ability to recording Skype conversations.
Also read: Flipkart Republic Day Sale: Top Upcoming Deals on Smartphones.
Watch: Tech and Auto Show EP 28 | 2018 Audi Q5, LG V30+ & More.