The malware hides itself on the home screen and operates stealthily in the background, managing to “steal” confidential data and monitor user activity.
The rise of smartphones has also led to a rise in hackers, who, in turn, create apps designed to steal sensitive data and spy on a user’s day-to-day activity.
Spyware tends to be selective about its victims, typically targeting members in a single company or a certain area.
The latest mobile spyware discovery, dubbed LianSpy, targets Android smartphones in Russia.
However, its unorthodox approaches to tracking user data can be applied in other regions as well, meaning all Android users should potentially take note.
LianSpy was discovered in March 2024, though it has been active for far longer, operating in the shadows for at least three years.
Unlike other spyware, LianSpy requires users to take some action in order to fully launch and integrate itself in a user’s phone.
Upon launching, the malware will run a check to see if has the necessary “permissions” to use overlays, read contacts, and access call logs.
If it doesn’t, the spyware will “request” permission from the user, disguising itself as a system applications and financial services app to do so.
Despite its “disguise,” LianSpy isn’t interested in a user’s banking data.
Instead, it monitors a user’s activity while they use their Android device, intercepting call logs, sending installed applications to its own servers, and recording a user’s screen.
LianSpy hides itself on a user’s home screen and manages to stealthily operate in the background using root privileges.
Also known as root access or superuser permissions, root privileges give Android users the “highest” level of access to their device.
This allows users to bypass manufacturer restrictions and:
- Replace or modify a device’s operating system
- Install any apps, including specialized apps or apps not typically available on Android devices
- Customize the device, e.g. changing the home screen or using ad blockers
By using root privileges, LianSpy can bypass Android status bar notifications, which are used to alert users when their phone is actively using its microphone or camera to record.
LianSpy is a Trojan malware, which makes it especially difficult to find.
Also known as a Trojan Horse virus, LianSpy was likely delivered on select Android devices via “legitimate” files or apps, like a software update, email attachment, or a scam app.
Spyware isn’t going away anytime soon, with hackers only growing more sophisticated as technology develops.
Downloading apps only from official stores and catalogs is a good start, but spyware does manage to infiltrate even those.
A good rule of thumb is to only download apps you need, and ensure that you’re downloading applications from a trusted source, like a legitimate company or brand.
Android users should also only use well-known apps from trusted developers, and avoid “alternative” clients for messaging, like WhatsApp or Signal.
Conducting a spyware “sweep” from time to time can also be beneficial.
Giving a thorough look through your existing applications, permissions, and system preferences can help detect unwanted or unnecessary applications and permissions, allowing users a chance to update or delete those as needed.
Users with Android devices should also update their operating systems regularly, as malware can’t always adapt to new security features and bug fixes.
Using spyware detection tools can occasionally be helpful, though some spyware can manage to avoid detection.
Read More:- https://www.the-sun.com/tech/12188412/android-spy-app-hides-phone-records-screen-stay-safe/
Source Credit: https://www.the-sun.com/