Lookout security researchers have discovered that five apps on Google Play contain the Noord -Korean Spyware Kospy.
The apps in question claim that they are file managers, security aids and software updates. Four of the apps offer at least some of the promised functions, but when it comes to Kakao security, only a fake system window is displayed.
Users who install the apps risk sensitive information that is passed on to the Noord -Korean Hacker Group APT 37 (also known as Scarcruft), reports Bleeping Computer. Kospy has access to information about a user in various ways:
- Recording Test attacks
- Intercepting SMS and Urpwogboeken
- Follow GPS location in real time
- Read files in local storage
- Take audio via the phone microphone
- Make photos and video
- Create screenshots of the device display
According to a Google spokesperson, all targeted apps are now removed from Google Play, but if you have recently downloaded a Korean-English app to manage files, you may want to check whether it is safe to use.
This article originally appeared on our sister publication M3 And was translated and adapted from Swedish.
