Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


One Fresh Android Spyware Exaspy Attacks Company Executives

According to Skycure, Android kit is being used for attacking executives while acquiring admission into their messages and chat sessions such as MMS, SMS, Google Hangouts, Facebook Messenger, Gmail, Skype, WhatsApp, Viber etc; contact lists; pictures; call logs; browser history; calendars etc. The attacks further record audios as well as phone calls while seize screenshots clandestinely from the affected device.

The commercial Android kit was used to create a spyware called Exaspy for the attacks and Skycure found it during September at the time one of its customers detected certain phony application known as "Google Services" active on the mobile of an executive of that customer's company. The application ran with all admin privileges, said Skycure Researcher Elisha Eshed.

Skycure explains that Exaspy works solely on Android mobiles but needs to physically access the devices for installing itself. Thereafter, it disguises as "Google Services" to load an icon named 'absent-of-launcher.' As per Eshed, Exaspy presently isn't detectable with the majority of security scanners for cell-phones. Threatpost.com posted this, November 4, 2016.

Exaspy's probable destruction for any company can be deep and wide. The spyware garners secret company data such as intellectual property, financial information, confidential meetings' audios, and product information. These then lets the malware purveyor hold the company at ransom by threatening that the data would be published or sold unless the company pays a huge amount of money demanded.

Eshed explains Exaspy's disguise is for confusing end-users into thinking that the process which's seen active on their mobiles is one real Google app. Since the "Google Services" app has its package name as com.android.protect, it's clearly an impersonation of Google Play Services.

The researcher writes it has been long that spyware applications compatible with iOS and Android are into existence. Nevertheless, as evident from some high-profile instances, the trend within prevalence and refinement of assaults against top-ranking employees is disturbing.

Skycure Research Labs suggests efforts for avoiding and mitigating the attacks require including authentication system of fingerprint and PIN code for accessing a smart-phone, deactivating USB debugging, routinely examining the Device Administrator list of an Android, and deactivating components that one feels are untrustworthy.

» SPAMfighter News - 11/11/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page