Skygofree: Smartphone spyware that leaks your WhatsApp messages

Security researchers have discovered smartphone surveillance software that can steal WhatsApp messages from your Android phone.

According to Margi Murphy, a cybersecurity analyst for the telegraph, Russian researchers from multinational cybersecurity and anti-virus provider, Kaspersky Labs discovered the malware.

Dubbed Skygofree, the malware is believed to be capable of doing much more than switching on your phone’s microphone when your smartphone enters a specific location. For instance, it is capable of seizing call records, calendar events and locations on your device’s memory.

The Russian researchers believe it was developed by an Italian IT Company, and spread through to websites that ‘appear to belong’ to mobile networks.

The malware remains permanently active by adding itself to the list of “protected apps” on the victim’s phone and can spy on its surroundings even when the screen is locked.

According to Alexey Firsh, a Malware analyst at Kaspersky, the biggest danger posed by this spyware is the ability to spy targets without arousing suspicion. This means it is very difficult to identify and block.

Once installed, the malware has been found to have the ability to trick android’s accessibility feature to record encrypted WhatsApp messages.

With the accessibility feature, Skygofree, can also read messages displayed on the screen, including messages a victim sends on WhatsApp.

Do not be deceived by WhatsApp’s end-to-end encryption as the malware hits the victim at the base of the communication tool. Your smartphone’s screen and accessibility features cannot be protected by encryption.

Skygofree has been traced back to Negg, an Italian that offers spying tools and counts Italian law enforcement among it’s customers.

The malware has been in existence since 2014, but the concealed domains were registered recently in October, 2017.