Cell phone tracking is big business. Jealous boyfriends want to use girlfriends’ devices to follow their companions’ movements. Wives want to track husbands they suspect are cheating on them. And corporate spies want to listen in on competitors.
Bugging someone’s device without their knowledge is illegal in most countries. It is also deceiving consumers into downloading software under false pretenses.
An Italian software maker has managed to cross both legal boundaries with its Android app, called Skygofree.
Skygofree has actually been around since 2014, according to Kaspersky Labs, which discovered the malware. However, at the end of 2017 a new release presented capabilities the cyber security firm had not seen in other products. The attacks appear to be restricted to Italy at the minute. Analysts believe Negg International, an Italian cyber security company, developed Skygofree.
Spygofree has spying abilities such as location-based audio recording and other functions that Kaspersky had never seen before. The malware tracks the location of a device, then switches on the audio recording functionality of the gadget based on the GPS coordinates. Criminals can also listen in on their targets. That means corporate meetings may be in jeopardy of remote eavesdropping.
The other function that is distinct is the capability of Skygofree to link infected gadgets to Wi-Fi networks that hackers manage. The capability permits black hats to monitor all communications on the victim’s phone. The vulnerability makes user names, passwords, bank card numbers and other sensitive details open to theft. The function works even if Wi-Fi is inactive on the device.
The malware can even run in standby mode. The latest Android OS stops non-active apps and procedures to conserve a device’s battery life. Skygofree remains active, however, by regularly sending out system notices. It can even disguise itself as a “preferred app” so that the Android OS does not preempt its operation.
Skygofree is likewise efficient in recording communications on channels such as Facebook Messenger, Skype, Viber, and WhatsApp. The malware monitors WhatsApp messages through the Android OS Accessibility Services.
Skygofree also has the capability of switching on the device’s camera remotely. Then, it snaps a photograph of the user when the user accesses the device.
ArsTechnica estimates the malware supports 48 functions that have ill-intent. One of the most malicious involves intercepting SMS text messages, phone calls, calendar entries and other user-related information.
The malware spreads through downloads from fraudulent websites that appear to belong to genuine mobile services carriers like Vodafone. Skygofree disguises itself in online libraries as an app that enhances a mobile device’s speed.
While spying is not cool or legal, infesting mobile devices with malware is unconscionable.