Be careful! Your phone may send data to Russia. Check if you are safe
BoneSpy and PlainGnome malware collects Android users’ data and sends it to Russia. Your phone is not safe!
Experts from the cybersecurity company Lookout discovered that the Gamaredon group, linked to Russian services, uses Android malware to collect user data. The malware comes in two versions – BoneSpy and PlainGnome – and can pose a serious threat to privacy.
Russian software for Android
BoneSpy most often impersonates the Telegram application or the Samsung Knox system. Users may unknowingly install it by downloading applications from unreliable sources. Malware has broad permissions, enabling, among others: collecting text messages, recording calls, locating the phone via GPS or capturing photos and screenshots.
The newer variant, PlainGnome, is not based on the familiar code but offers the same features. Additionally, it uses Jetpack WorkManager, which allows for silent data collection, even when the phone appears to be inactive, e.g. with the screen turned off.
How does malware get on phones?
Malicious apps are not available on Google Play. They spread through fake versions of popular applications, advertised on social media or Google search results.
This allows users to unknowingly install malware, thinking they are downloading legitimate software.
How to protect yourself?
Never download applications from unreliable sources or suspicious links. If you have unknown software installed, remove it immediately. It’s also a good idea to scan your phone regularly and monitor its permissions.
Russian malware is a serious threat to privacy and security. Gamaredon has tools to collect user data, including messages, locations and conversations. Be careful and protect your phone.