
Another spyware maker caught distributing fake Android snooping apps

Why This Matters

The discovery of Morpheus spyware highlights the growing proliferation of government surveillance tools that can be distributed through fake Android apps, raising concerns about privacy and misuse. It underscores the increasing availability of low-cost, accessible spyware technology, which can be exploited by various entities, including law enforcement and potentially malicious actors. This development emphasizes the need for stronger security measures and oversight in digital surveillance practices to protect consumer privacy.

Key Takeaways

Yet another government spyware maker has been caught after its customers used fake Android apps to install its surveillance software on targets, according to a new report.

On Thursday, Osservatorio Nessuno, an Italian digital rights organization that researches spyware, published a report on new malware it calls Morpheus. The spyware, which masquerades as a phone updating app, is capable of stealing a broad range of data from an intended target’s device.

The researchers’ findings show that the demand for spyware by law enforcement and intelligence agencies is so high that there are a large number of companies providing this technology, some of which operate outside of the public spotlight.

In this case, Osservatorio Nessuno concluded that the spyware is linked to IPS, an Italian company that has been operating for more than 30 years providing traditional so-called lawful interception technology, meaning tools used by governments to capture a person’s real-time communications that flow through the networks of phone and internet providers.

According to IPS’ website, the company operates in more than 20 countries, though that likely does not refer to its spyware product, which until today was a secret. The company lists several Italian police forces among its customers.

IPS did not respond to TechCrunch’s request for comment about the report.

The researchers called Morpheus “low cost” spyware because it relies on the rudimentary infection mechanism of tricking the targets into installing the spyware on their own.

More advanced government spyware makers, such as NSO Group and Paragon Solutions, allow their government customers to infect their targets using techniques known as zero-click attacks, which install the malware invisibly by exploiting expensive and difficult-to-find vulnerabilities that break through a device’s security defenses.

In this case, the researchers said the authorities had help from the target’s cellphone provider, which began deliberately blocking the target’s mobile data. At that point, the telecom provider sent the target an SMS prompting them to install an app that was supposed to help them update the phone and regain cellular data access. This is a strategy that has been well documented in other cases involving other Italian spyware makers.
