Researchers from the Spanish cybersecurity company Lab52 have detected spyware that aims to access many features of Android devices.
This software infiltrates smartphones via an application called Process Manager which may have been downloaded inadvertently after clicking on a link, report our colleagues from
Software that siphons user data
Once the application is downloaded, a list of 18 permissions such as access to GPS, contacts, camera or even calls is requested.
With this process, hackers rely on the fact that users are now used to accepting without worrying too much about the consequences, especially with the daily acceptance of cookies on the Internet.
Problem: once all this has been accepted, the software will draw all the resources to which it has access on the device before sending them to a server based in Russia.
Then the app completely disappears from the home screen of the device.
Doubts about Russia's involvement in this hack
After the discovery of an IP address located in Russia, there are suspicions of a computer attack perpetrated by this country.
“The server to which this software is connected was used for a while by the Russian state.
Except that these IP addresses can be bought on the black market and can be reused by someone else”, nuanced Benoit Ferault, cybersecurity expert at Quarkslab.
Lab52 researchers have discovered similarities in this hack with methods used by the Russian hacker group Turla, funded by the Kremlin.
But there is still nothing to confirm that it is these pirates who are behind this maneuver because it seems quite crude for a group with significant resources and advanced techniques.
US claims to have thwarted global cyberattack from thousands of Russian malware
Cryptocurrencies: More than 600 million dollars stolen from an online network by hackers