Researchers at Skycure have discovered a new strain of Android spyware, dubbed Exaspy, that has been used in targeted attacks against high-level executives.Researchers from Skycure discovered an instance of the Exaspy malware that was installed on an Android 6.0.1 device owned by a Vice President at an unnamed company.
Here is how the app installs itself when it runs for the first time:
- Malware requests access to device admin rights
- Asks (nicely) for a licence number
- Hides itself
- Requests access to root (if the device is rooted and managed through popular rooting apps). Once granted, it installs itself as a system package to make its uninstallation process harder.”
Mitigation efforts should include disabling USB debugging and regularly checking an Android’s Device Administrators list and disable components you don’t trust
Commercial Exaspy spyware used to target high-level executives
Leave a Reply
You must be logged in to post a comment.