Android: If you have downloaded this app, Russian hackers may have access to your phone

This application could be storing your information and sending it to Russia.

For years now, the smartphone has become an indispensable object that many people use on a daily basis. This handy device allows you to keep in touch with loved ones, take pictures, listen to music and much more. Although such a tool is useful, it can also be destructive in the hands of the wrong people.

Russian hackers have allegedly launched a new spyware to get their hands on confidential information about you, or your neighbour. The shocking information was revealed by research from a Spanish cybersecurity company Lab52.

Malware in your phone?

This malware is said to be hidden in an application called ‘Process Manager’ which is located in the notification bar of your Android phone. The icon resembles a gear. It is said to help speed up your smartphone and manage all the options it presents.

According to La Dépêche, once you have downloaded the app, the application asks you to accept around 18 different requests. As you all know, most of us tend to accept these prompts without really paying attention to them. The danger of doing this is that we’re unknowingly giving apps access to valuable data such as our email, locations, contacts, and in some cases our microphone and camera.

Le Parisien spoke to Benoit Ferault, a cybersecurity expert at Quarkslab, a French company specialising in security research who said:

The software and its technique are not very sophisticated.

Read more:

Android: Google now allows you to delete the last 15 minutes of search history

Cyberattack: Ban this Android app on your phone now!

Android users beware: New scam could steal all your photos

Sending your information to Russia

The French publication explains that once the application is downloaded, it will decrypt your data and ‘send it to a server in Russia.’

Ferault added:

Because the server to which this software is linked was used for a time by the Russian state. Except that these IP addresses are bought on the black market and can be reused by someone else.

Lab52 researchers have identified an infrastructure attributed to FSB (Federal Security Service of the Russian Federation), the country’s intelligence services. According to them, a group of Russian hackers called Turla could be behind this case.

Active for more than 10 years, they may be financed by the Kremlin and to make things worse, this is not the first hacking case they’ve been involved in.

This article has been translated from Oh! My Mag FR.

Cyberattack: Ban this Android app on your phone now! Cyberattack: Ban this Android app on your phone now!