Researchers at security company, Lookout, have identified a family of malware, referred to as ‘SonicSpy’ on Google Play Store, that can remotely control infected Android smartphones.
The samples of ‘SonicSpy’, called ‘Soniac’, is marketed as a messaging app. The malware gives attackers control over the device and allows them to silently record audio, make calls, retrieve call logs, contacts and take photographs, the company said in a blogpost. While ‘Soniac’ does provide this functionality through a customised version of the communications app ‘Telegram’, it also contains malicious capabilities that provide an attacker with significant control over a target device. The infected applications that entered Google Play Store are ‘Troy Chat’, ‘Hulk Messenger’ and ‘Soniac Messenger’.