The malware was able to sneak back into the Google Play store and hit more than 100,000 users in 196 countries.
As mentioned in TRENDMicro, these malware called MobstSPY have infected thousands of phones to steal user data:
"MobstSPY is capable of stealing information such as user location, SMS conversations, and call logs. FireBase Cloud Messaging is used to send information to the hacker's server, and then malware collects certain information from the device, such as the language used, the registered country, the package name, Device and other data ... "
As mentioned in TRENDMicro, these malware called MobstSPY have infected thousands of phones to steal user data:
"MobstSPY is capable of stealing information such as user location, SMS conversations, and call logs. FireBase Cloud Messaging is used to send information to the hacker's server, and then malware collects certain information from the device, such as the language used, the registered country, the package name, Device and other data ... "
In addition, malware can also work on phishing attacks, creating fake windows for your Google and Facebook login page to get access to these services.
To access and hunt users, hackers used a series of free apps available on Google Play, such as Flappy Birr Dog, FlashLight, Win7imulator, Win7 Launcher and HZPermis Pro. Once users download these applications, malicious software begins to process, and communicate with the server that sends commands to gather data from the users' victim phones.
According to the TM report, some of the affected countries are India, Russia, Brazil, United States, Mexico, Germany, Argentina, and others. Google has already taken action and removed the apps we mentioned, although it did not provide any details on the issue, so if these applications are installed on your phone, remove them immediately.
To access and hunt users, hackers used a series of free apps available on Google Play, such as Flappy Birr Dog, FlashLight, Win7imulator, Win7 Launcher and HZPermis Pro. Once users download these applications, malicious software begins to process, and communicate with the server that sends commands to gather data from the users' victim phones.
According to the TM report, some of the affected countries are India, Russia, Brazil, United States, Mexico, Germany, Argentina, and others. Google has already taken action and removed the apps we mentioned, although it did not provide any details on the issue, so if these applications are installed on your phone, remove them immediately.
