PhoneSpy can steal sensitive information, obtain a complete list of installed apps, record audio, and video in real-time, extract device information, and even grant remote access to the device.  

Targeting US and Korean Markets 

Malware has become increasingly common in apps. This has the greatest impact on Android devices. Users would have downloaded these apps in order to gain access to the premium features. PhoneSpy malware has now been discovered in a large number of devices, according to a new report. Devices infected with PhoneSpy malware have been discovered in the US and Korean markets. This malware has been discovered in over 23 Android apps. The fact that these apps are not available on the Google Play Store is a plus. PhoneSpy malware steals a large amount of sensitive information. Messages, images, call details, and other data are all included. This malware can also track your device’s location remotely. 

The mobile application is a threat to phone devices because it receives and executes commands to collect and exfiltrate a wide range of data and perform a wide range of malicious actions which includes: 

  • Steal credentials. 
  • Tracking the GPS location 
  • Real-time audio recording 
  • Using the front and rear cameras. 
  • Send SMS with attacker-controlled text to an attacker-controlled phone number. 
  • Hide the icon from the device’s drawer/menu to conceal its presence. 

Takes Over All Phone Details 

Malware can access the entire list of installed apps on the device due to multiple app permissions. PhoneSpy malware is so dangerous that it can access audio and video from the camera and microphone on the phone. This malware also detects a variety of device information, including the IMEI number, device name, and brand make. This malware has been reported by Zimperium Mobile Security Agency. This app, according to the report, can also delete any installed app on the phone. It can track the device’s location in real-time. By enabling the threat actor, the spyware also attempts to obtain Facebook, Instagram, Google, and Kakao Talk login credentials via phishing pages. No app should be downloaded from untrustworthy links.