Tech Trends

SpyNote Malware Targets Android Users By Recording Your Calls, Taking Screenshots

Highlights

  • SpyNote malware distributed via smishing targets Android devices.
  • Once installed, the malware gains critical permissions through Accessibility Services.
  • The malware employs stealth tactics to hide its presence on compromised devices.
  • The threat has evolved, with custom variants emerging post a source code leak in January 2023.

SpyNote, a spyware specifically designed for Android devices, is ramping up its activities, putting users’ sensitive information at risk.

Detailed by cybersecurity firm F-Secure, this malware is currently being disseminated through fake text messages, commonly known as smishing.

Here’s what you need to know about this emerging cybersecurity threat and how you can protect yourself.

Method of Distribution

Researchers at Italy’s D3Lab first identified a fake IT alert site that warned of a possible upcoming volcanic eruption and urged visitors to download the app for updates.

When iOS users click on the download button, they are redirected to the authentic IT-alert site.

However, Android users receive an ‘IT-Alert.apk’ file upon clicking the download button. This APK file carries the SpyNote malware.

Functionality and Permissions

Once installed, the malware gains access to Accessibility services, enabling the attackers to carry out a broad range of invasive actions on the compromised device.

Although it doesn’t require an exhaustive list of permissions, the few that it does request are critical.

SpyNote Malware Targets Android

Upon launching, it initially asks for BIND_ACCESSIBILITY_SERVICE permission.
Once granted, the malware autonomously approves several additional vital permissions.

SpyNote is designed to stay under the radar; it does not appear in the app launcher or the Recents screen.
To activate the malware, external triggers such as an SMS are employed.

Evolving Threat

Evolving Threat

SpyNote was first documented in 2022 and has since reached its third major version.

In January 2023, a report from ThreatFabric revealed a spike in SpyNote detections following a leak of one of its source code variants, codenamed ‘CypherRat.’

This leak led to the development of custom variants that specifically targeted banks or masqueraded as popular apps like Google’s Play Store, Play Protect, WhatsApp, and Facebook.

FAQs

What is SpyNote malware?

SpyNote is a spyware that specifically targets Android devices. It is distributed primarily through fake text messages.

How does SpyNote get installed?

The malware deceives users into downloading an APK file, posing as an emergency alert, which then installs SpyNote on Android devices.

What permissions does SpyNote require?

The malware asks for BIND_ACCESSIBILITY_SERVICE permission initially, and once granted, autonomously approves several more vital permissions.

How can I protect myself?

Only download apps from trusted sources and be cautious when clicking on links from unknown or suspicious text messages.

Also Read: ‘Like a Video and Make Money’ scam: All about the cyber fraud on Whatsapp; Received WhatsApp message asking you to like YouTube videos for Rs 150? It’s a scam

Also Read: Metaverse May Open Up New World of Cybercrime, Fears Interpol

Share
Published by
Team My Mobile

Recent Posts

Samsung May Bring Privacy Display to Galaxy S27, S27 Pro, S27 Plus and S27 Ultra: Report

Highlights Report suggests Samsung will bring Privacy Display to Galaxy S27, S27 Plus, S27 Pro,…

2 hours ago

Redmi 17 5G Appears on Certification Sites, 7,500mAh Battery, 45W Charging and Up to 256GB Storage Tipped

Highlights Redmi 17 5G spotted on Malaysia’s SIRIM and Taiwan’s NCC databases confirming model number…

4 hours ago

Moto G77 Power India Launch Confirmed for July 8, Key Specifications and Price Range Revealed

Highlights Moto G77 Power confirmed to launch in India on July 8 and priced under…

5 hours ago

OnePlus Ace 7 Series Specifications Leaked: Snapdragon 8 Gen 5, Up to 10,000mAh Battery and 16GB RAM Tipped

Highlights OnePlus Ace 7 tipped with Snapdragon 8 Gen 5, 6.78" 1.5K OLED, adaptive 185–240Hz…

7 hours ago

Vivo X500 Camera Specifications Leak Online – 50MP Main Sensor, 64MP Periscope Lens Tipped

Highlights Vivo X500 prototype tipped to feature a triple rear setup with 50MP Sony main…

8 hours ago

iQOO Z11i Launched in China With 120Hz Display, Snapdragon 4 Gen 2 and 6,500mAh Battery

Highlights iQOO Z11i debuts in China as an entry-level model with price starting from ¥1,299.…

9 hours ago

This website uses cookies.