A new malware has been found in over 1000 apps, some of which were even found on the Google Play Store.
SonicSpy may sound like a fun new video game, but it’s a new version of malware that none of us would want. This new malware, discovered by Lookout security researchers, has been found in over 1000 apps and some have even been found in lurking within the Google Play Store.
The app which Lookout focused on goes by the name of Soniac and has since been removed from the store. The app was listed as a chat app and did in fact offer chat functionality through the inclusion of a customized version of Telegram. Unfortunately, this was not the only payload the app was carrying.
Once installed, the app hides it’s icon and installs the customized version of Telegram, it then goes about it’s real purpose. This malware has the ability to silently record audio, take photos with the camera, make phone calls, send text messages and retrieve information such as call logs, contacts, and WiFi access points. Soniac is not the first chat app which the developer account had posted to Google Play. Two earlier chat apps were discovered by Checkpoint which may or may not have carried the same malware. Both these chat apps were previously removed from Google Play although it is not known if Google removed them or if the developer did.
While the app which Checkpoint identified has been removed from the Google Play Store, the malware is still actively being developed. It can surely still be found on other app stores. Let’s hope that Google has been able to determine how the developer was able to circumvent the Play Store’s security checks so that we won’t see this malware make a future appearance there again.