An Android application designed as a backup tool to protect device data actually steals phone and user activity data.
It's called SocialPath and a version of malware has managed to pass the check and be offered at the official Google Play store for Android.
Google just received a notification from researchers better safetys for its dangerousness deleted it from its list, but until its recognition and removal it received several clicks for download.
Security researchers who have tracked the occasional malware trafficking campaigns have noticed that almost one 6.000 click, most of which comes from Lebanon (1.715).
The next two positions were users from Sudan (1.117) and Oman (666). Users in EU countries were cheated at 7% of total clicks.
According to Jeremy Linden of Lookout, SocialPath promises to create secure copies of the contact list and informs that the service will soon be extended to photos, videos and other types of files, and also claims to give users access to their data if the device is lost or stolen. If the recipient of the message decides to sign up for the service, he / she is asked to provide the full name, e-mail address, telephone number, country of residence and a personal photo.
Αυτά δεν είναι τα μόνα στοιχεία που αποστέλλονται στο server τους καθώς η εφαρμογή διαθέτει λειτουργίες για διαρροή της λίστας επαφών, των messages, the complete call log file which includes the phone numbers, the exact time of the calls and their duration.
Linden says the malware also has the ability to perform calls to numbers sent by the scammer's server and then delete the call records so as to hide his activities.
As for the identity of the scammers for this particular case and based on the data found in the application code, Linden believes that arabic people are hiding. Taking into account the countries concerned, SocialPath may be a spying tool for political purposes, but it may well be part of a more advanced phishing with financial incentives.
Regardless of its scope, users of devices with Android they should download apps for their devices only from trusted sources, avoid third-party stores where the content is not tested, and finally read user feedback about any negative reports.
