This is the most dangerous malware you can get on your Android phone
Imagine an app that gets installed on your Android phone without your knowledge and scans your personal data, logs everything you type, secretly takes photos and videos, and inspects every app, your app history and your location details. Basically, whatever you do on your compromised Android phone gets shared with the person who planted the malware. Sounds like a nightmare? Mobile security firm Lookout has discovered Android malware that does exactly the things mentioned.
Dubbed Monokle, the malware was, the company claims, developed by a Russia-based company, Special Technology Centre. Interestingly, Monokle is not just a single piece of malware. In fact, it is a set of custom Android “surveillanceware” tools.
“Lookout discovered Monokle in 2018 and our research indicates that these tools are part of a targeted set of campaigns and are developed by the St. Petersburg, Russia-based company, Special Technology Centre, Ltd. (STC), which is notable for providing material support to the GRU in its interference in the 2016 U.S. Presidential election,” the mobile security firm said in a blog post. Interestingly, this malware is highly targeted and can be used to snoop on select individuals, making it one of the most dangerous pieces of Android malware of recent times.
“Monokle possesses remote access trojan (RAT) functionality, uses advanced data exfiltration techniques and has the ability to install an attacker-specified certificate to the trusted certificates store on an infected device that would facilitate man-in-the-middle (MITM) attacks,” explained the researchers. This is something the researchers claimed to “have never seen in the wild before.”
On a related note, another similar “malware” called Pegasus, made by the Israeli company NSO Group, is now claimed to have received an update. A report by the Financial Times claims that an updated version of Pegasus has been released which is even more powerful and can steal your data stored on the servers of Google, Facebook, Microsoft, Amazon and even Apple iCloud. The company claims Pegasus is sold only to government agencies, but there have been instances of misuse as well.