Most of mobiles Malware do relatively simple stuff, stealing data, mining cryptocurrency or encrypting files, but some months ago a very sophisticated one was discorevered, Skygofree.
Some of the functions that make Skygofree terrifying are:
- It can turn on the microphone for audio recording when the device is in a determined location
- It can connect to networks controlled by the hackers, even with Wi-Fi disabled on the device, giving access to all the user’s traffic (passwords, credit cards, sites visited).
- The stealing of WhatsApp messages via Accessibility Services
- Secretly turning on the front-facing camera and take photos or videos
The main way on infection is through fake Mobile operators pages, where the user downloads an “update” and get infected. Once on the Phone, it shows a progress bar while waiting for instructions on what to do from the attackers.
The virus also has a way to protect itself, it can show a fake notification to prevent killing the background services it use.
Skygofree uses exploits to get the root privileges by looking for the device in a database of mobiles, to adjust itself on what it is attacking and exploiting its vulnerabilities.
So far Skygofree has only been seing on some parts of Italy, however, due to all the damage it can cause it is better to be prevented by only downloading apps from official sources and disabling installation of third-party apps.