Advanced Spyware Targeting Users in Russia Covertly Installed on Android Devices

Published:

spot_img

Recent Discovery of State-Sponsored Mobile Spyware Campaign Targeting Android Users

A newly discovered mobile spyware tool, known as LianSpy, has been used by an unknown, likely state-sponsored threat actor to spy on Android smartphone users for at least three years, according to researchers at Kaspersky. The campaign, which has primarily targeted individuals in Russia, could easily be applied in other regions as well.

LianSpy is a post-exploitation Trojan that either exploits vulnerabilities to root Android devices or modifies firmware by gaining physical access to victims’ devices. The threat actor behind LianSpy has been distributing the malware disguised as system and financial applications.

Unlike some zero-click spyware tools, LianSpy requires user interaction to function to a certain extent. Once launched, the malware requests necessary permissions from the user and registers an Android Broadcast Receiver to monitor system events. It also uses super user binary with a modified name to gain root access on victim devices and operates stealthily in the background.

LianSpy’s primary purpose is to monitor user activity by intercepting call logs, recording device screens during messaging, and listing installed apps. The threat actor stores stolen data and issues configuration commands using public cloud platforms like Yandex Disk. The malware uses root privileges discreetly to avoid detection by security solutions and encrypts data for exfiltration, making victim identification impossible.

Kaspersky researchers warn that LianSpy’s focus on capturing instant message content indicates a targeted data-gathering operation beyond standard espionage tactics. The ongoing use of mobile spyware tools like LianSpy raises concerns about privacy and security for smartphone users worldwide.

spot_img

Related articles

Recent articles

Cabinet Approves ₹1.27 Lakh Crore Semicon 2.0 to Strengthen India’s Semiconductor Ecosystem

Cabinet Approves ₹1.27 Lakh Crore Semicon 2.0 to Strengthen India's Semiconductor Ecosystem The Union Cabinet of India, led by Prime Minister Narendra Modi, has officially...

TuxBot v3 Evolution Reveals LLM-Assisted IoT Botnet Development with Enhanced Capabilities

TuxBot v3 Evolution Reveals LLM-Assisted IoT Botnet Development with Enhanced Capabilities Recent cybersecurity research has unveiled a new Internet-of-Things (IoT) botnet framework known as TuxBot...

Hackers Expose 19,000 Files, Including Nuclear Blueprints, from India’s Largest Plant on Dark Web

Hackers Expose 19,000 Files, Including Nuclear Blueprints, from India's Largest Plant on Dark Web A significant cybersecurity breach has emerged involving the Kudankulam Nuclear Power...

Australia-India PACTS Advances Cybersecurity and Technology Cooperation

Australia-India PACTS Advances cybersecurity and Technology Cooperation Australia and India have launched the Australia-India Partnership on Cyber, Critical Technologies, and Supply Chains (PACTS), a strategic...