Google is already testing a ban on installing applications, not from the Google Play store, but for now many take advantage of this opportunity - including cybercriminals who spread all kinds of viruses across the Internet. TrendMicro experts have discovered that spyware is behind the popular email application.
The new Android spy is CallerSpy. It masquerades as a secure email client called Apex App or Chatrious. Both applications are distributed through supposedly official sites, as shown in the screenshots above. According to experts, the virus has not yet penetrated Google Play.
To deceive users, CallerSpy developers submit their sites to official Google servers, adding an extra letter “o” to the domain, which further deceive users.
After entering the smartphone, CallerSpy begins collecting the victim’s personal data. Over time, the software gets access to all important information on the phone: SMS, call log, contact list, photos and videos, as well as credit cards and passwords for social networks. For these purposes, CallerSpy takes frequent screenshots and sends them to a remote server to attackers. By the way, the mail client application itself simply does not work.
TrendMicro reports that such information is worth a lot of money in the darknet. So, for a hacked Facebook account, you can get an average of $2.5. PayPal accounts are priced between $10 and $100, depending on credit history and linked cards.
So far, CallerSpy developers are aimed only at users of Android devices, but TrendMicro notes that nothing prevents them from quickly switching to iOS and Windows. Experts urge everyone to be careful when installing applications, not from official sources.