A Spanish cybersecurity company has identified spyware that can appear as an app on Android phones.
A small icon appeared on your Android phone? If you’ve recently spotted an unfamiliar application on your smartphone, the icon of which is the shape of a gear wheel… Don’t trust it. It could indeed be Russian spyware, the Spanish cybersecurity company Lab52 alerted on Saturday April 9, Le Parisien reports.
How would this spyware work? He actually hid behind it an application called Process Manager, that you may have accidentally installed by following a simple link.
Software that has access to your data
If you activate this application, Lab52 indicates that it will ask you for a series of authorizations, a priori like a classic application, but this time benefiting hackers, allowing them access to your personal data.
As a screenshot shows, the software then runs in the background and only appears when the taskbar is opened. It is therefore very easy to forget, and during this time your data will be sent to a server in Russia, explains the Parisian.
Origin of spyware uncertain
However, the exact origin of this spyware should be treated with caution, as IP addresses “can be bought on the black market and reused by someone else,” explains a cybersecurity expert. However, the context of the war in Ukraine fuels suspicions of Russian intentions nevertheless, there could be a connection with Turlaa regime-funded group of Russian hackers, while Lab52 makes progress, but this underscores its lack of certainty on the issue.
Furthermore, The hack actually installs an Indian app on your phone that, thanks to a sponsorship system, brings money to hackers with each new download of the application.
In short, while the precise targets of hackers are still unclear, the Process Manager application is to be avoided. Remember not to follow links that you do not know the origin of or accept the terms of an application that you have not installed yourself and that is not certified.