A hacker group allegedly linked to the North Korean government has placed several malicious Android apps on Google Play and tricked some of the platform’s users into installing the infected software, according to cybersecurity firm Lookout.

Image source: lookout.com

The campaign included several samples of the KoSpy malware, at least one of which was downloaded more than a dozen times, according to a screenshot from the Google Play store. The North Korean hackers often use their skills to steal money, experts say, but in this case, their goal is to collect data — KoSpy is a spy app. It collects “a huge amount of sensitive information,” including SMS messages, call logs, device location data, files on the device, keyboard input, Wi-Fi network information, and lists of installed apps. KoSpy records audio, takes photos with cameras, and takes screenshots. It used the Firestore cloud database on Google Cloud infrastructure to obtain “initial configurations.”

Lookout reported its findings to Google, after which Firebase projects were deactivated, KoSpy apps were removed, and the malware itself was added to the automatic detection system. Lookout experts found some KoSpy apps in the alternative APKPure app store, but its administration did not confirm the fact of the cybersecurity experts’ appeal. The alleged victims of the campaign are people from South Korea – some of the infected apps discovered had Korean names, as well as interfaces in Korean and English. References to domain names and IP addresses previously associated with other malware campaigns, for which hackers from the DPRK were accused, were found in the code of the apps.

admin

Share
Published by
admin

Recent Posts

Huawei May Switch to HarmonyOS on Its Laptops — Windows License Expires in March

Huawei MateBook laptops have been shipping with the Windows operating system for years, but that…

2 hours ago

US authorities set to involve Oracle in TikTok deal

In an attempt to block possible channels of China's influence on the American public through…

2 hours ago

The world’s largest 3200MP camera is ready for use – it will be used to shoot the sky

This week, the Vera C. Rubin Observatory in Chile completed installation of the revolutionary 3,200-megapixel…

7 hours ago

Tronsmart Mirtune S100 Wireless Speaker Review: Power to spare

Although this is the first Tronsmart product we've reviewed, the company is far from new…

7 hours ago

ViewSonic Unveils 27-Inch 5K ColorPro VP2788-5K Monitor — Half-Cost Alternative to Apple Studio Display

ViewSonic has introduced the premium ColorPro VP2788-5K monitor, which features a 27-inch matrix with support…

7 hours ago

Apple is developing several versions of the second-generation Studio Display monitor

According to online sources, Apple is working on a third-generation Studio Display (codenamed J527). This…

7 hours ago