Internet Security Blog - Hackology

SonicSpy Spyware floods App stores

The so-called “SonicSpy” is a spyware family of over 4000 nasty Android apps, some of them on the Google Play store, that uses your phone to spy on you. The spyware is capable of monitoring almost every action. Not only does it record phone calls, it can also make calls to earn money through premium services set up by the hackers. It can also take pictures by hijacking the device’s camera, steal call logs and find the user’s location by monitoring WiFi hotspots.

Deployment of Spyware

SonicSpy had been spreading rapidly over app stores since February, and researchers at Lookout, who identified the spyware, believe that it is being deployed by Iraqi hackers. Three versions of it, namely Soniac, Hulk Messenger and Troy Chat, made their way to the official Google Play store, each disguised as a messaging service.

Soniac, the most popular, was marketed as a customized version of Telegram called “Telegram Plus” (Plus being the spyware) and had 5000 downloads before it was removed by Google; the other two were probably withdrawn by the developers.

How does it Operate

The malware supports 73 different commands, issued remotely by the operators through a command and control server. These include commands to record calls and audio, take photos, make calls, send text messages to numbers specified by the attackers, and monitor call logs, contacts and information about Wi-Fi access points.
Lookout said that SonicSpy had similarities to SpyNote, another malicious app family reported last year, and that both might have been built by the same hacking operators: both share similar code, make use of dynamic DNS services and run on the non-standard port 2222.
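
The two network traits above (dynamic DNS hostnames and port 2222) can be used to triage outbound connections from phones on a network you manage. The following is an added example, not code from Lookout or from this blog; the log format, the sample lines and the list of dynamic DNS suffixes are assumptions made for illustration.

```python
from collections import defaultdict

# Assumption: illustrative dynamic DNS suffixes, not taken from the article.
DYNDNS_SUFFIXES = ("ddns.net", "duckdns.org", "hopto.org", "zapto.org", "dyndns.org")
C2_PORT = 2222  # non-standard port the article attributes to both families

# Constructed sample lines: "<time> <device_ip> <dest_host> <dest_port>"
SAMPLE_LOG = """\
2017-08-14T09:01:12Z 10.0.5.21 play.googleapis.com 443
2017-08-14T09:01:40Z 10.0.5.34 chat-relay.example.ddns.net 2222
2017-08-14T09:02:03Z 10.0.5.21 homecam.example.duckdns.org 443
2017-08-14T09:02:45Z 10.0.5.34 chat-relay.example.ddns.net 2222
2017-08-14T09:03:10Z 10.0.5.50 git.example.com 2222
malformed line
"""

def is_dyndns(host):
    """True if host is, or is a subdomain of, a listed dynamic DNS suffix."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in DYNDNS_SUFFIXES)

def classify(host, port):
    """'high' when both traits match, 'review' when only one does, else None."""
    dyn, odd_port = is_dyndns(host), port == C2_PORT
    if dyn and odd_port:
        return "high"
    if dyn or odd_port:
        return "review"
    return None

def triage(log_text):
    """Count flagged (device, host, port) tuples per severity level."""
    findings = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue  # skip lines that do not match the assumed format
        _, device, host, port = parts
        level = classify(host, int(port))
        if level:
            findings[level][(device, host, int(port))] += 1
    return {level: dict(hits) for level, hits in findings.items()}

if __name__ == "__main__":
    for level, hits in triage(SAMPLE_LOG).items():
        for (device, host, port), count in sorted(hits.items()):
            print(f"{level:6} {device} -> {host}:{port} x{count}")
```

Either trait alone is common in legitimate traffic (home cameras use dynamic DNS, some services listen on 2222), which is why only the combination is rated high.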

How to keep yourself Safe

If you are addicted to your phone because it has a constant internet connection, a number of interesting apps and plenty of personal data, you should be concerned about such attacks. Keep yourself safe:

  • Avoid third party apps completely.
  • Stick to the official app store; after all, 3 out of 4000 is not that bad.
  • Be selective about official Google play apps.
  • Do not install Google Play apps that have little utility or very few downloads.
  • Do not grant unnecessary permissions while installing apps; a legitimate app will still work without access to the microphone, camera or gallery when it has no real need for it.

Such repeated malware attacks make us think that maybe it’s safe to be paranoid while downloading anything from anywhere.
