Federal Ministry of Communication and Digital Economy, has alert Nigerians using Android phones about new spyware hackers develop to steal ones data from phones.
According to information posted on the official Facebook page of the ministry, the Spyware application has the ability of monitoring and collecting data from phone without Owner been aware of it.
The ministry said that the Spyware was newly developed, and is masquerading as legitimate application to decieve their target to install the app.
The information read:
If you are using an Android phone, beware of newly discovered spyware masquerading as a legitimate application that grants complete access to data stored on a mobile device as well as control over the targeted device.
Read more details below
PhoneSpy, the new Android spyware masquerade as legitimate application and grant attackers complete access to data stored on a mobile device as well as full control over a targeted device.
PhoneSpy is distributed via malicious and illegitimate app that are downloaded and sideloaded onto the victim device. This distribution occur via web traffic, redirection or social engineering such as fishing in which the end user is tricked into downloading what they believe to be a legitimate app from a compromised website or direct link.
Phonespy target Android phones and disgust itself as variety of lifestyle apps. these malicious Android apps are designed to run in the background constantly spying on their victim without raising suspicion stealing data eavesdropping on message and viewing image store on the phone are all future of phonesSy at the same time attacker have complete remote control over infected Android phone.
It first ask for permission before opening a phishing page that look like the login page of some messaging app in order to steal credential with a single sign-on feature this information can then be used to log into order service.
Meanwhile the spyware functions as a remote access Trojan (RAT) in the background abusing permission exfiltrate data to a command-and-control server and leaving the device vulnerable to threat actor"NaijaBlog.ng