Google is already testing the restriction on installing applications not from the branded Google Play store, and so far many people are taking advantage of this opportunity – including cybercriminals who spread all kinds of viruses through the Internet. TrendMicro experts have discovered that behind the popular e-mail application is a spyware program.
The new Android spy is the CallerSpy program. It is masked as a secure mail client called Apex App or Chatrious. Both applications are distributed through supposedly official sites, as shown in the screenshots above. According to experts, the virus has not yet penetrated Google Play.
For cheating of users developers CallerSpy give out the sites under official servers Google, adding in the domain the superfluous letter “o”, than in addition cheat users.
After getting to the smartphone CallerSpy begins to collect personal data of the victim. Over time, the software gets access to all the important information on the phone: SMS, call log, contact list, photo and video, as well as credit cards and passwords to social networks. For this purpose, CallerSpy takes frequent screenshots and sends them to a remote server to the intruders. By the way, the mail client application itself simply does not work.
TrendMicro reports that such information costs a lot of money in the darkenet. For example, it costs an average of $2.5 for a cracked Facebook account. PayPal accounts are estimated from 10 to 100 dollars, depending on the credit history and linked cards.
So far, the developers of CallerSpy are aimed only at users of Android-devices, but TrendMicro notes that nothing prevents them from quickly switching to iOS and Windows. Specialists encourage everyone to be careful when installing applications not from official sources.