Researchers locate Android spyware that can steal WhatsApp messages

Kaspersky said that on the basis of the observed samples and the signatures, it found that the early versions of this Android malware were developed by the end of 2014 and the campaign has remained active ever since.

Indo-Asian News Service
London, Publish Date: Jan 17 2018 2:20PM | Updated Date: Jan 17 2018 2:21PM
Researchers locate Android spyware that can steal WhatsApp messagesFile Photo

Researchers from Russian cyber security company Kaspersky Lab have found an Android spyware that has the ability to steal WhatsApp messages via Accessibility Services and connect an infected device to Wi-Fi networks controlled by cybercriminals.

Dubbed as "Skygofree", the malware is claimed to have been found on malicious websites in Italy and is most likely an offensive security product sold by an Italy-based IT company that markets various surveillance wares, Kaspersky wrote in its official blog Securelist late on Tuesday. 

Kaspersky said that on the basis of the observed samples and the signatures, it found that the early versions of this Android malware were developed by the end of 2014 and the campaign has remained active ever since.

According to tech website Arstechnia, the malware has undergone continuous development since its creation with the latest version having 48 different commands. 

"High-end mobile malware is very difficult to identify and block and the developers behind "Skygofree" have clearly used this to their advantage: creating and evolving an implant that can spy extensively on targets without arousing suspicion," The Telegraph quoted Alexey Firsh, Malware Analyst at Kaspersky, as saying. 

The discovery is concerning because of its ability to record encrypted WhatsApp messages. It is able to do this by tricking an Android feature that was designed to help users with disabilities by making apps more accessible. 

The spyware can read messages displayed on the screen through the Android Accessibility feature, including messages a victim sends on WhatsApp, Kaspersky said.

The spyware relies on several other exploits to gain privileged root access that allows it to bypass key Android security measures. 

"Skygofree" is capable of taking pictures, capturing video and seizing call records, text messages, geolocation data, calendar events and business-related information stored in device memory.

It also includes the ability to automatically record conversations and noise when an infected device enters a location specified by the person operating the malware. The spyware also comes with an ability to recording Skype conversations.

Latest News

  1. Court seeks status report in Major Gogoi hotel incident
  2. Court seeks status report in Major Gogoi hotel incident
  1. Govt pre-pones vacations for summer zone schools
  2. Govt pre-pones vacations for summer zone schools
  1. Muslim youth beaten up for befriending Hindu girl
  2. Muslim youth beaten up for befriending Hindu girl
  1. Mehbooba welcomes Rajnath’s dialogue offer, hopes Hurriyat seizes the opportunity
  2. Mehbooba welcomes Rajnath’s dialogue offer, hopes Hurriyat seizes the opportunity
  1. Petrol prices rise for 13th straight day; almost Rs 78 in Delhi
  2. Petrol prices rise for 13th straight day; almost Rs 78 in Delhi
  1. Modi doesn't advocate peace talks: Musharraf
  2. Modi doesn't advocate peace talks: Musharraf
  1. Mehbooba congratulates Sama for topping in JK CBSE class 12 results
  2. Mehbooba congratulates Sama for topping in JK CBSE class 12 results
  1. People now know Modi-Shah duo harmful for country: Congress
  2. People now know Modi-Shah duo harmful for country: Congress
  1. Truck plunges into gorge on Kashmir highway, one killed
  2. Truck plunges into gorge on Kashmir highway, one killed
  1. NIA arrests Kupwara resident in Nagrota army camp attack case
  2. NIA arrests Kupwara resident in Nagrota army camp attack case
  1. Army schools in Kashmir take a digital leap
  2. Army schools in Kashmir take a digital leap
  1. Youth held with grenade in Srinagar
  2. Youth held with grenade in Srinagar
  1. Yasin Malik hits out at New Delhi as JRL stages protest to demand release of prisoners
  2. Yasin Malik hits out at New Delhi as JRL stages protest to demand release of prisoners
  1. Shabir Shah's daughter tops Jammu and Kashmir in CBSE class 12 results
  2. Shabir Shah's daughter tops Jammu and Kashmir in CBSE class 12 results
  1. Four years of Modi: Congress slams BJP over farmers' suicides, unemployment
  2. Four years of Modi: Congress slams BJP over farmers' suicides, unemployment
  1. Girls outshine boys in CBSE Class 12 results
  2. Girls outshine boys in CBSE Class 12 results
  1. Shutdown in Downtown Srinagar against ‘police high-handedness’
  2. Shutdown in Downtown Srinagar against ‘police high-handedness’
  1. Pakistan rejects charge of treating US diplomats badly
  2. Pakistan rejects charge of treating US diplomats badly
  1. North Kashmir: Amid shutdown, hundreds protest Hajin civilian killing
  2. North Kashmir: Amid shutdown, hundreds protest Hajin civilian killing
  1. No confusion in our Kashmir policy; ready to talk to Hurriyat, Pakistan: Rajnath Singh
  2. No confusion in our Kashmir policy; ready to talk to Hurriyat, Pakistan: Rajnath Singh
  1. Pak Army summons former ISI head over book co-authored with ex-RAW chief
  2. Pak Army summons former ISI head over book co-authored with ex-RAW chief
  1. Modi says 'India First' as government completes four years
  2. Modi says 'India First' as government completes four years
  1. Overbooked Air India flight leaves passengers behind; airline spokesman calls it 'rare occurence'
  2. Overbooked Air India flight leaves passengers behind; airline spokesman calls it 'rare occurence'
  1. Iran more confident to save nuke deal after US exit: Official
  2. Iran more confident to save nuke deal after US exit: Official
  1. Infiltration bid foiled, four militants killed in north Kashmir: Army
  2. Infiltration bid foiled, four militants killed in north Kashmir: Army