Not for the first time: North Korean hackers used fake apps to spread spyware on Android

Serving tech enthusiasts for over 25 years.TechSpot means tech analysis and advice you can trust In brief: Malware making its way past Google's checks and onto the Play Store isn't a new phenomenon, yet it keeps happening. The latest incident involved spyware that was uploaded to the Android app store by a group of hackers believed to be linked to the North Korean regime. Lookout Threat Lab researchers discovered the spyware, dubbed KoSpy, attributing it with medium confidence to North Korean APT group ScarCruft, also known as APT37. The spyware was hidden in the type of fake apps we so often see in these cases: file managers, software update utilities, and security software. KoSpy is able to pilfer an extensive amount of sensitive information from devices it infects. This includes SMS messages, call logs, device location, access to files and folders on local storage, Wi-Fi network details, and a list of installed applications. The spyware is also able to perform even more siniste ... Read full article.