Skip to Main Content

Spyware on 1000+ Apps on Google Play Store

The software can record audio and steal personal data. 


Android Apps on the Google Play Store have been discovered to harbour spyware originally created by an Iraqi developer. Surveillance malware(spyware) records audio and steals data from users.

According to a blog post by security researchers at Lookout, more than a thousand apps on Google Play contain a new spyware family called SonicSpy. According to analysis carried out by the researchers, apps harbouring the spyware can silently record audio; take photos with the camera; make outbound calls; send text messages to attacker-specified numbers; and retrieve call logs, contacts, and information about Wi-Fi access points.

“In fact, the malware (spyware) has the ability to respond to over 73 different remote commands, meaning attackers can manipulate a victim's device from afar through a command and control server,” said Michael Flossman, security analyst at Lookout.

“Once successfully on the device, it provides the victim the advertised messaging functionality while simultaneously stealing data, building a false sense of trust with the victim.”

The most recent example of SonicSpy found on the Play Store, was called Soniac and was marketed as a messaging app. While Soniac does provide this functionality through a customised version of the communications app Telegram, it also contains malicious capabilities that provide an attacker with significant control over a target device. 

Chris Boyd, lead malware intelligence analyst at Malwarebytes, told SC Media UK that the app in question looks like familiar programmes to the uninitiated, but performs multiple intrusive tasks behind the scenes. “The biggest issue here is potential data leakage for organisations big and small, though home users wouldn't want their information compromised in this fashion either,” he said.

So What do I do? 

Install antivirus/antispyware software, available to purchase from a variety of high street and online retailers as well as from the software manufacturers’ own websites. There is also a range of free antiviruses software. You can get these for a range of devices. 

You also need to be aware of:

  • Opening infected email attachments such as .exe files.
  •  Opening infected files from web-based digital file delivery companies (for example Hightail - formerly called YouSendIt, and Dropbox).
  •  Visiting corrupt websites.
  •  Using USB connected devices (eg memory sticks, external hard drives, MP3 players).