Security researchers from Kaspersky have found one of the most of spyware that enable attackers to take full control over the infected remotely.

The new spyware has been called , it has been created for targeted surveillance. The researchers traced down indication of ’s activity back to 2014, but they said the spyware was most active in 2016. They also said that the spyware’s source code included many strings and comments written in the Italian language, which suggests the spyware was intentionally created to target Italian users only.

The malware could record audio through the microphone when an infected device was in a specified location and could make the device to connect to Wi-Fi networks managed by the hacker.

According to researchers: “Given the many artifacts we in the malware code, as well as infrastructure analysis, we are pretty confident that the developer of the Skygofree implants is an Italian IT company that works on surveillance , just like HackingTeam.”

Skygofree has been spread through fake web pages that are simulating leading mobile network operators, most of which have been registered by the cybercriminals since 2015.

Once installed, it shows a fake welcome notification to the victim:
“Dear Customer, we’re updating your configuration and it will be ready as soon as possible.”

At the same moment, it hides an icon and starts background services to hide further operations from the victim.

Users are recommended to download apps only from the official stores.

The following two tabs change content below.

is a professional pen-tester with over 9 years of IT experience a strong background in programming languages and application security, ranging from network and system administration to exploit research and development. He reported various vulnerabilities for high profile companies and and was successfully acknowledged by them.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here