I love when the sale happens in malls. People just rush and want to get good things for cheap prices. And who doesn’t love something free?
The spyware and malware market is highly lucrative when it comes to sale [on the black and grey market]. And there is similar rush there as well during the sale. But the recently freely available SpyNote spyware has got every cyber criminal running for a piece of the action. Experts from Palo Alto Networks recently discovered a RAT (Remote Access Trojan) offered for free called Spynote, much like OmniRat and DroidJack .
“Our team recently discovered a new Android Trojan called SpyNote which facilitates remote spying. The builder, which creates new versions of the malware, recently leaked on several malware discussion forums. SpyNote is similar to OmniRat and DroidJack, which are RATs (remote administration tools) that allow malware owners to gain remote administrative control of an Android device.” states a blog post published by PaloAlto Networks.
Let’s look at some of the functionalities of this potent Android Trojan.
Amazing list of malicious uses and its available for free. Yes, it’s free.
This is the reason why many security researchers are worried that it will soon be a big problem as many less proficient cybercriminals [*cough *cough script kiddies] will be using it extensively.
Also, people with ill intents may also install the Trojan manually for spying purposes.
SpyNote does not require root access to a device but it prompt users for a long list of permissions on installation.
It’s not clear yet how authors plan to distribute the RAT to the victims, though attacks have not been seen yet, but researchers believe that since the SpyNote builder is available for free customized versions of its APK will soon be distributed via third party websites near you.
But Android users should be worried as newer versions of our loveable Android have features like Verify Apps and SafetyNet which may block such malware packages from getting installed.
Moral of the story, don’t install applications from third-party stores as even Google Play sometimes is unable to keep malicious applications at bay itself.
About the Author: Joshua Bahirvani
Cyber Security Enthusiast and believer of Privacy in this Digital Age.
LinkedIn : https://in.linkedin.com/in/jbahirvani15
Twitter : @B15joshua
Medium : @jbahirvani15
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.