PhoneSpy already has stolen data and tracked the activity of targets in South Korea, disguising itself as legitimate lifestyle apps.
Researchers discovered new Android spyware that provides similar capabilities to NSO Group’s Pegasus controversial software. Called PhoneSpy, the mobile surveillance-ware has been spotted activity targeting South Koreans without their knowledge.
PhoneSpy disguises itself as a legitimate application and gives attackers complete access to data stored on a mobile device and grants full control over the targeted device, according to a Zimperium zLabs report published Wednesday.
Pegasus spyware, developed by Israeli-based NSO Group, which has been blacklisted by the U.S. government, has been linked to cyberattacks against dissidents, activists and NGO workers. However, it’s unclear from the Zimperium report who is behind PhoneSpy and whether it is being sold commercially. Also unclear from the report is whether high-profile victims or random individuals are being targeted by PhoneSpy.
According to Zimperium, attackers are weaponizing PhoneSpy for similar purposes as the NSO Group did. However, researchers conceded they are unsure why thousands in South Korea are targeted or what connection they have to each other.
Hiding in Plain Sight
The spyware is potentially more dangerous than Pegasus, researchers assert. They