New Android spyware "Skygofree" implements advanced functions for user monitoring: Is it an Italian IT company?
Russian security company Kaspersky Lab announced on January 16 that it has discovered a new Android spyware that implemented many advanced functions for user monitoring.
According to Kaspersky's blog, the new Android spyware was discovered in October 2017 and named it "Skygofree."A detailed investigation revealed that it has implemented multiple functions that have never been confirmed before.
The first version of Skygofree seems to have been developed at the end of 2014, and is equipped with a function to steal information recorded on the terminal, such as call records, text messages, location information, and calendar contents.It also implemented a function to try to promote authority by hitting multiple known vulnerabilities.
In the following updates, the function of using a microphone to record the surrounding audio, the function of steals Whatsapp's message through accessibility services for user assistance, and the Wi-Fi controlled by cyber criminal groups.It is said that the function to connect the device was added.
Skygofreeは2014年末に開発され、以後のアップデートでさまざまな機能が追加されていったと推測される(出典:Kaspersky Lab)Many web pages were found to be transmitted to Skygofree, pretending to be a website of mobile phone companies such as Vodafone.The domain on such sites has been registered since 2015, when the attack was most active.Most recently, several Italian users were infected with malware on a site registered in October 2017.
In early 2017, several spyware tools aimed at Windows were also discovered.However, it has not been confirmed at this time whether it is distributed.
Kaspersky Lab is positioned as Skygofree as "one of the most powerful Android spyware we have discovered so far."In June 2014, the company reported the actual situation of Italian companies, HackingTeam, which is said to have been involved in the development of citizen monitoring hacking tools used by investigators and information agencies in each country.It is almost certain that Skygofree is developed by Italian IT companies, which are monitoring solutions, like HackingTeam.