But not information from banking applications, which is surprising.
Kaspersky Lab specialists have discovered a new type of cyberthreat aimed at Russian Android users. The malware, dubbed LianSpy, disguises itself as harmless applications, giving attackers access to confidential information.
Unlike many mobile Trojans aimed at stealing financial data, LianSpy shows no interest in banking applications. Its creators are much more interested in personal correspondence, contacts and other confidential information, which may indicate targeted surveillance of specific individuals. The question arises: who is behind this spying campaign?
According to cybersecurity expert Dmitry Kalinin, LianSpy uses methods that are unconventional for mobile spies, transmitting data through public services, which makes it much more difficult to find the attackers. The scale of the infection is not yet clear, but, apparently, the attacks are targeted and have been going on since at least mid-2021.
LianSpy gets onto devices by exploiting unspecified system vulnerabilities, and possibly also by physically accessing the smartphone. Once inside, the Trojan “hides” from the user, running in the background and gaining full control over the device.
Kaspersky Lab experts continue to study LianSpy to determine the scale of the threat and develop methods of protection against it. In turn, Android users are advised to be vigilant when installing applications, especially from unverified sources.