Researchers Discovered "Skygofree", Powerful Android Spyware


SkyGoFree — Android Spyware

Security experts have uncovered one of the most powerful and highly sophisticated Android spyware tools, which gives hackers full control over infected devices.

Named Skygofree, the Android spyware is designed for surveillance and is believed to have been targeting a large number of Android users for the past four years.

According to a report published by Russian security firm Kaspersky Labs, in October 2017 its researchers found a new Android spyware with several features not previously seen.

The new features include the ability to record surrounding audio via the microphone when an infected device is in a specified location, the theft of WhatsApp messages via Accessibility Services, and the ability to connect infected devices to malicious Wi-Fi networks controlled by cybercriminals.

Skygofree is distributed through fake web pages that impersonate leading mobile operators. The domains used to spread the Android implant have been registered by the hackers since 2015.

According to Kaspersky telemetry, 2015 was the year the distribution campaign was at its most active. The activities continue: the most recently observed domain was registered on October 31, 2017. Based on our KSN statistics, there are several infected individuals, exclusively in Italy.
According to the observed samples and their signatures, early versions of this Android malware were developed by the end of 2014 and the campaign has remained active ever since.
Signature of one of the earliest versions — Image by Kaspersky Lab
The implant provides the ability to grab a lot of exfiltrated data, like call records, text messages, geolocation, surrounding audio, calendar events, and other memory information stored on the device.

After manual launch, it shows a fake welcome notification to the user:
Dear Customer, we’re updating your configuration and it will be ready as soon as possible.
Android Spy Trojan steals sensitive info from victims Spreads in Italy 🇮🇹  as fake telecommunication company Tre.It
At the same time, it hides an icon and starts background services to hide further actions from the user.

Skygofree android malware background services

After a deep analysis of all discovered versions of Skygofree, researchers at Kaspersky Labs made an approximate timeline of the implant’s evolution.

Analysis of Skygofree versions by Kaspersky Labs
Kaspersky Lab experts also found a similar variant of Skygofree targeting Windows users, suggesting the authors' next area of interest is the Windows platform.

The best way to keep yourself from becoming a victim is to avoid downloading apps via third-party websites, app stores or links provided in SMS messages or emails. Stay safe :)
Fishy Security Lab Blog | Information Security News Blog
https://blog.fishyseclab.com/2018/01/skygofree-android-spying-malware.html