Skip to main content

New Malware Can Spy On You In Scary Ways

By December 14, 2019May 9th, 2022Cybersecurity

There’s a new strain of malware in the wild. It is targeting Android devices and disguised as an innocuous chat app.

Researchers at Trend Micro have discovered it in two different apps so far:  Chatrious and the Apex App.  Chatrious has since vanished from Google’s Play Store, but at the time this piece was written, the Apex App is still available for download.

If you have either of these, you should delete them immediately.

In both strains unearthed so far, when a user downloads the app and launches it, the program will quietly connect to a command and control server. It will then begin rooting around in the device the app is installed on, collecting contact lists, text messages, call logs and any files stored locally on the device.

In addition to that, the malware can activate the device’s microphone to create audio recordings to be sent to the command and control server, and it is capable of taking screenshots of anything displayed on the device.

The app has only been found on the Play Store at this point. However, an analysis of the code reveals that the person or group behind it has already built in hooks that would make it capable of attacking iOS and Windows-based machines. The researchers fear that this malware is in an early stage of development.  What they found in the code points to this being the leading edge of a much larger and more widespread attack.

In addition to its being a potentially devastating piece of malware, the researchers indicated that this code would be perfect for conducting highly advanced cyberespionage campaigns. That is, given that high ranking corporate and government employees have such a wealth of information on their phones and almost always keep them close at hand.  The ability to make recordings of things going on in the immediate vicinity of the infected device could lead to no end of trouble.

In any case, if you have either of the apps mentioned above installed on your phone, delete them immediately.  Trend Micro has promised further updates about this latest malware threat as they get them.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.