Whatsapp Pic

Smartphone spyware can steal WhatsApp messages from Android phones

Smartphone surveillance software that can steal WhatsApp messages from Android phones has been discovered by security researchers. The malware, dubbed Skygofree, can switch on the microphone when a smartphone enters a specified location.

It is capable of seizing call records, calendar events and locations stored on the device’s memory, according to Russian cyber security researchers at Kaspersky Lab. The researchers said it had been found on malicious websites in Italy and had been developed by an Italian IT company.

It is spread through websites that appear to belong to mobile networks, and remains permanently active by adding itself to the list of “protected apps” on a victims’ phone. This means it can force the phone to spy on its surroundings even when the screen is locked.

“High end mobile malware is very difficult to identify and block and the developers behind Skygofree have clearly used this to their advantage: creating and evolving an implant that can spy extensively on targets without arousing suspicion,” Alexey Firsh, Malware Analyst at Kaspersky said.

The discovery of the software is particularly concerning because of its ability to record encrypted WhatsApp messages.

It is able to do this by tricking an Android feature that was designed to help users with disabilities by making apps more accessible. The spyware can read messages displayed on the screen through the Android Accessibility feature, including messages a victim sends on WhatsApp, Kaspersky Lab said.

WhatsApp has always claimed to offer security for its users thanks to its end-to-end encryption and governments have hit out at the app, claiming that it was obstructing justice by not allowing backdoors into suspects’ conversations.

The researchers traced Skygofree back to Negg, an Italian IT company that offers spying tools and counts Italian law enforcement among its customers.

The malware has existed since 2014, they said, but booby-trapped domains were registered as recently as October 2017. Kaspersky said that there had been several victims in Italy.

Smartphone owners running Android operating systems can defend against malware by using security software which can scan their system, and making sure they visit only trustworthy sites and apps.