Android Spyware Threat: ProSpy and ToSpy Target Users
Cybersecurity experts have warned of ongoing spyware campaigns targeting Android users. The malicious software, named ProSpy and ToSpy, can steal sensitive data and has been active since at least June 2022. The spyware is embedded in fake messaging apps, posing as popular services like Signal and ToTok.
The spyware, once installed, is persistent and can access sensitive data files, contacts, chat backups, and media. It has been distributed through phishing campaigns and fake app stores, with one website posing as the Samsung Galaxy Store. The attacks are regionally focused, with recent discoveries indicating targets in the United Arab Emirates.
Researchers from ESET first detected the ProSpy campaign in June 2024 and ToSpy in June 2022. Both spyware types can reload authentic apps to maintain their legitimacy. The command-and-control servers for the ToSpy campaign remain active, indicating the threat is ongoing.
Users are advised to be cautious when downloading apps from third-party websites. Always verify the source and authenticity of apps before installation. The discovery of these spyware campaigns underscores the importance of regular software updates and robust security measures.
Read also:
- Trump announces Chinese leader's confirmation of TikTok agreement
- U.S. Army Europe & Africa Bolsters NATO, African Partnerships in Phase Zero
- SpaceX & T-Mobile Activate Starlink for Hurricane Helene Connectivity
- Hackers Utilize GOLD SALEM to Infiltrate Networks and Evade Security Measures, Deploying Warlock Ransomware
