Over the past few years, cybercriminals have developed and released numerous Android malware strains, stealing personal and sensitive information from thousands of users. One such Android malware variant is Skygofree.
According to security researchers at Kaspersky Labs, who discovered Skygofree, the trojan is a powerful spyware and was developed in 2014. The malware is capable of stealing a wide variety of data, including call records, text messages, WhatsApp chats, geolocation, surrounding audio, calendar events, and other memory information stored on the targeted device.
The malware’s long-term development process has resulted in Skygofree containing multiple capabilties, such as the ability to use multiple exploits to gain root privileges. Skygofree also comes with never-before seen spy features, such as the ability to record audio surrounding the infected device in certain locations.
Once Skygofree is installed, it is capable of completely concealing its malicious activities while running in the background. The multi-stage spyware also provides hackers full remote control over the infected device. The spyware’s C2 infrastructure allows attackers to remotely capture photos, videos and more.
Kaspersky researchers believe that Skygofree is likely the work of a spyware manufacturer like Hacking Team.
“Given the many artifacts we discovered in the malware code, as well as infrastructure analysis, we are pretty confident that the developer of the Skygofree implants is an Italian IT company that works on surveillance solutions, just like HackingTeam,” Kaspersky researchers said.