Android spyware apps target Israel in three-year-long campaign


Level 83
Thread author
Top poster
Content Creator
Malware Hunter
Aug 17, 2014
A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day.

The spyware-laden apps were discovered by researchers at Qihoo 360 who found various apps disguised as social applications, Threema, Al-Aqsa Radio, Al-Aqsa Mosque, Jerusalem Guide, PDF viewer, Wire, and other applications. The most abused app is one pretending to be Threema, an end-to-end encrypted instant messaging application.

The researchers believe the initial vector for these apps is a Facebook post or WhatsApp message that points victims to a website that hosts the APK and offers it for download.