Android SonicSpy Spyware Found in Google Play Store

A new threat to Android users was recently uncovered by security researchers. The malware called SonicSpy has reportedly latched itself onto over 1,000 apps, a number of which are available on Google Play Store.

Lookout, a mobile security firm, discovered the spyware, which, according to reports, is currently widespread among Android devices. The malware is believed to have launched in February and it is linked to a threat actor from Iraq.

The report from Lookout states that SonicSpy allows hackers to look into their victims' personal information. The security firm asserts that Android users are susceptible to having their private details stolen. They can steal information registered in call logs, the contacts list, and more.

Unfortunately, it does not end there. The malware actually permits hackers to record audio from the infected device. Through SonicSpy, they can even take over the camera and snap photos. Even without the users' permission, hackers will be able to make outbound calls and send text messages. Lookout has identified 73 different commands that can be carried out through the malware.

As of now, the security firm has spotted more than 1,000 apps infected by the SonicSpy. One of which is an app called Soniac, which is readily available on the Google Play Store. It is a messaging app, a revamped version of Telegram.

Lookout traced the app to an account called iraqwebservice, which is also responsible for two other infected messaging apps, Hulk Messenger and Troy Chat.

In the past few months, Google has removed infected apps capable of stealing users' text messages and hijacking the devices' communication features. Despite their efforts to remove apps that come with malware, a few still manage to push through.

What surprises Lookout is that these applications were able to bypass the security standards implemented by Google, which supposedly functions to prevent these threats from going live.

More updates should roll out soon.