Android spyware apps target Israel in three-year-long campaign

silversurfer

Level 83
Thread author
Verified
Helper
Top poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
7,327
A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day.

The spyware-laden apps were discovered by researchers at Qihoo 360 who found various apps disguised as social applications, Threema, Al-Aqsa Radio, Al-Aqsa Mosque, Jerusalem Guide, PDF viewer, Wire, and other applications. The most abused app is one pretending to be Threema, an end-to-end encrypted instant messaging application.

The researchers believe the initial vector for these apps is a Facebook post or WhatsApp message that points victims to a website that hosts the APK and offers it for download.