Phonespy surveillance software mimics Pegasus and was spotted stealing data from thousands of South Korean Android users
A Zimperium report indicates that thousands of South Korean Android users have been targeted by Phonespy, a spyware platform that seems to offer threat actors a new alternative to Pegasus. According to the report, Phonespy disguises itself as various innocuous mobile apps, from Yoga training software to movie streaming apps, meaning that victims often have no idea that they're being monitored.
Phonespy appears to offer threat actors complete access to a victim's Android smartphone, including the ability to record video and audio, take pictures, and steal information like SMS messages and phone contacts.
The researchers were unable to find Phonespy-related malware on the Google Play Store, indicating that victims installed Phonespy through other means, such as clicking on malicious popups and web redirects.
Even more worryingly, at launch, Phonespy often asks users to "log in through Kakao," a popular messaging platform in South Korea. By disguising itself as Kakao, Phonespy then attempts to steal user login credentials.
So far, Phonespy has only been detected on Android phones in South Korea. The tool, however, indicates that Pegasus isn't the only monitoring platform out there being used by governments and shadow actors.