Watch out for North Korean spyware apps on the Google Play store
|
By
Georgina Torbet Published March 13, 2025 |
Android users should be careful what they download from the Google Play store, as security researchers recently found a selection of apps which contained North Korean spyware hosted there. The five affected apps appeared to be benign system utilities like file managers, but once installed could collect personal information like SMS messages, call logs, and device location.
The spyware apps were identified by Lookout Threat Lab, which highlighted the following apps in both English and Korean: 휴대폰 관리자 (Phone Manager), File Manager, 스마트 관리자 (Smart Manager), 카카오 보안 (Kakao Security), and Software Update Utility. These apps have since been removed from the Play Store by Google.
The apps used a new surveillance tool called KoSpy, thought to originate from a North Korean state-sponsored hacking group called ScarCruft or APT37.
“KoSpy is a new Android spyware attributed to the North Korean group APT37. It masquerades as utility apps and targets Korean and English speaking users,” the security researchers Lookout Threat Lab warned. “KoSpy can collect extensive data, such as SMS messages, call logs, location, files, audio, and screenshots via dynamically loaded plugins.”
The apps that were affected didn’t really work as they said they did: some of them did perform some functions with basic interfaces that opened up Android settings view, while others did not function at all and showed only a fake system window. But once installed, the apps could download plugins and collect surveillance information. Some of the information the apps could surveil included data on SMS messages, call logs, device location, local files and folders, recording screenshots and key strokes, and even recording audio or taking photos with the phone’s cameras.
Now that the apps have been removed from the Play Store it’s not clear how many people may have downloaded them and been affected, but it’s a good reminder to check the sources and reputation of apps before you download them and give them access to your device.
Related Posts
OnePlus 15T leak spills details on a curious camera situation
According to the Chinese tipster Digital Chat Station (via Weibo), a "small-screen phone powered by the Snapdragon 8E5 is ready," translated from simplified Chinese. This phone, believed to be the OnePlus 15T, could feature a dual-camera setup "with a 50MP main sensor and a 50MP telephoto lens."
WhatsApp has begun testing a long-overdue group chat feature
The Meta-owned messaging platform is testing a new feature called "group chat history sharing" (via a WABetaInfo report). As the name suggests, the feature lets a WhatsApp user (likely the admin) share the chat history (up to 100 messages sent within 14 days) with someone while adding them to a group.
Google Photos introduces a fun new way to turn yourself into a meme
According to a recent post on Google's support forums, Me Meme is a generative AI feature that lets you star in trending memes using a template and a photo of yourself. It's rolling out in Google Photos for Android in the US, and you can try it out by tapping the "Create" button and selecting the new "Me meme" option.