Skygofree malware

While Meltdown and Spectre are still causing chaos among IT departments, security researchers have discovered a new strain of malware for mobile devices. Named Skygofree, this new Android malware can spy on users by recording their audio, monitoring popular communication apps, and more.

Although this malware is believed to have been developed as early as 2014, researchers at Kaspersky announced their discovery on January 16, 2018. They warn that Skygofree seems highly advanced, as it gives hackers complete control over infected mobile devices.

What Skygofree can do to devices

Skygofree is distributed through fake websites that are hosted and controlled by attackers. So far these webpages have mimicked mobile operator sites, prompting users to download an app to increase their internet speed while also silently downloading Skygofree on their device.

Once installed, Skygofree can implement any number of its spying features, like recording calls and surrounding audio, collecting personal data from messaging apps (including WhatsApp, Facebook, and Viber) by leveraging Android’s Accessibility Services, and more. One of the more notable capabilities is that Skygofree can automatically record audio based on a device’s location. Above all, this malware can gain root privileges to the device using a shell payload that’s operated by a C&C server.

Aside from collecting data, Skygofree can also execute actions like capturing pictures, recording videos, sending SMS messages, recording users’ GPS locations, and more. Apart from these serious breaching capabilities, this malware can also force an infected device to connect to a compromised Wi-Fi network and execute man-in-the-middle attacks. 

Possible victims and suspects

As of now, some mobile devices in Italy have fallen victim to Skygofree. Kasperky has also released a full exploitation report, with details about the compromised domains and devices in total. Researchers suspect that this malware campaign will soon target Windows users as well.

According to researchers, they suspect that this malware was designed by an Italian firm; they’ve based their suspicions on Skygofree’s code and design.

How to protect your devices against Skygofree 

If you’re worried about your enterprise’s mobile devices being exploited by Skygofree, there are a few precautions that you can take. Educating end users on never downloading content from anonymous websites is a great place to start. For any type of malware, it’s always best to avoid clicking on links sent via email or SMS as well. 

Aside from educating end users, you can also secure your enterprise’s mobile devices using mobile application management (MAM) software. With an MAM solution in place, you can restrict apps on employees’ devices, blacklist anonymous apps, generate reports for the apps are being used in your enterprise network, and more. 

This year is expected to see more threats than 2017, so equip yourself with the right mobile device management tool and keep personal data in your network safe (especially if your enterprise needs to comply with the GDPR).

Download or sign up for our mobile device management solution to see what effortless mobile security management can do for your enterprise.

Related posts :