SonicSpy Malware Snoops on Google Play Users via Messaging Apps

By on Aug 15, 2017

Whether it’s a British spy sneaking around a casino, or a cybercriminal looking around your device, all spies snoop to find out information. In fact, a specific type of malware exists solely to spy on and collect innocent users’ data. It’s called spyware, and it’s done some serious damage in the past. Now, a new spyware with surveillance capabilities named SonicSpy is here, and it has been weaved into thousands of malicious messaging apps– three of which have made their way onto Google Play.

These three apps, named Hulk Messenger, Troy Chat, and Soniac all contain malicious features that make them the perfect vector for cybercriminals wishing to snoop. Soniac’s capabilities in particular provide an attacker with significant control over a target device.

So, what does this control look like exactly? Once a user has downloaded a Soniac messaging app, SonicSpy malware can record audio, make outbound calls, send text messages to attacker-specified numbers, and retrieve information such as call logs, contacts, and Wi-Fi access point details.

The good news is these three apps have since been removed from Google Play. However, the remaining apps—which since February number slightly more than 4,000—are being distributed through third-party app stores. Plus, these malicious apps are also being distributed through direct phishing texts with download links. So, its important users still remain cautious.

Therefore, to ensure you don’t get snooped on by SonicSpy, follow these tips:

  • Only shop on legitimate app stores. Many of the infected applications exist outside of Google Play and are floating around on unaffiliated third-party stores. It’s crucial users only download applications from official stores, like Google Play or the Apple App store, to ensure they don’t get spied on by SonicSpy.
  • Check app reviews. Before you even download an app, make sure you head to the reviews section of an app store first. Take the time to sift through the reviews, and keep an eye out for ones that mention that the app has had issues with security or might be a bit sketchy. When in doubt, don’t download any app that is remotely questionable.
  • Don’t click. If you’re ever sent an email or a text message from an unknown source, remain wary and don’t click on any links that may be included in the message’s content. These links can carry malware, or redirect you to a malicious app in this instance.
  • Use a mobile security solution. As spyware campaigns continue to hit mobile devices, make sure your phone is prepared for any threat coming its way. To do just that, cover these devices with a mobile security solution, such as McAfee Mobile Security.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...

Read more posts from Gary Davis

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to McAfee Securing Tomorrow Blogs