SpyNote – Its Coming
Hackers and thieves are always looking for new ways to spread their payloads and get their target. Earlier this month, Unit 42 of Palo Alto Networks discovered a brand new threat while trolling through malware discussion forums.
Dubbed SpyNote, this little nasty is a R.A.T (Remote Administration Tool) with a laundry list of backdoor features. SpyNote allows an attacker to do anything they want with your device. A few of the more popular features are:
- No root access required
- Install new APKs and update the malware
- Copy files from device to computer
- View all messages on the device
- Listen to calls made on the device
- List all the contacts on the device
- Listen live or record audio from the device’s microphone
- Gain control of the camera on the device
- Get IMEI number, Wi-Fi MAC address, and cellphone carrier details
- Get the device’s last GPS location
- Make calls on the device
This certainly isn’t the first tool like this that has been seen, a few months ago we covered Dendroid which creates similar payloads and packages them inside any APK. While the malicious app does need user granted permissions to work, wrapping the application in another APK proves to be a successful method of distribution.
Droidjack proved this earlier this month when an infected version of Pokémon Go circulated the web. As of now, SpyNote has not been seen in the wild, but researchers are convinced its only a matter of time.
Source Link: ThreatPost
Related Posts
About The Author
CyberArcher
Carl is an Android enthusiast that got his start with an HTC Hero. Quickly tiring of not being able to change certain things about the device, he sought out the means to do what he wanted; Enter XDA Developers. After spending immense amounts of time on the forums learning, building and sharing, Carl decided to pursue higher education to increase his understanding and focus on a direction in the mobile world. Primarily focusing on security and privacy, Carl intends to gain his CEH and Reverse Engineer malware.