Spawn

Administrator
Verified
Staff member
Security researchers recently found government spyware squatting in plain sight, pretending to be harmless vanilla apps on Google’s Play store. This time around, the malware doesn’t come from the NSA. Rather, it allegedly comes from the Italian government, which apparently purchased it from a company that sells surveillance cameras.

According to Motherboard, this is the first time that security researchers have seen malware produced by the surveillance company, known as eSurv.
It was discovered in a joint investigation carried out by Motherboard and researchers from Security Without Borders – a non-profit that often investigates threats against dissidents and human rights defenders.

Security Without Borders published a technical report of their findings on Friday:
We identified previously unknown spyware apps being successfully uploaded on Google Play Store multiple times over the course of over two years. These apps would remain available on the Play Store for months and would eventually be re-uploaded.
They’re calling the malware Exodus, after the name of the command and control servers the apps connected to.
Source: Government spyware hidden in Google Play store apps

Motherboard Link 1: Researchers Find Google Play Store Apps Were Actually Government Malware
Update: Motherboard Link 2: Prosecutors Launch Investigation Into Company That Put Malware on Google Play Store

Technical Report: Security Without Borders