Delaware, USA – January 17, 2018 – Researchers from Kaspersky Lab published a report on the discovered trojan for Android created three years ago and evolved during this time into one of the most effective tools for cyber espionage. The latest version of Skygofree was detected in October 2017. The most impressive of its functions are recording audio when the device is in the specific place, using Accessibility Services to steal data from various messengers and the ability to connect the device to adversaries’ Wi-Fi networks even if the user has turned off Wi-Fi on the device. The malware spread through websites that mimic several popular mobile operators web pages. After installing, Skygofree runs as a background service protected from termination and gives attackers full control over the device.
The researchers also found a version of this trojan for Microsoft Windows, which is still under development. Such sophisticated malware is almost impossible to detect after it has infected the device, and even installing applications only from trusted sources will not give a 100% security guarantee. Full control over the device threatens, among other things, VPN connections with corporate networks. VPN Security Monitor SIEM use case can help you track suspicious connections that could lead to data leakage.