  • ProSpy and ToSpy malware campaigns spoof Signal and ToTok to infect Android users
  • Malware exfiltrates SMS, contacts, files, and disguises itself as Google Play Services
  • Apps spread via third-party stores; users urged to stick to official app sources

Android users in the United Arab Emirates and the wider region are being targeted by two malicious campaigns which spoof known chat apps, Signal and ToTok, to distribute malware.

Security researchers at ESET said they started tracking the ProSpy and ToSpy campaigns in June 2025, but believe they could have started back in 2024.








If you’re not careful, your Android just might be spying on you. Over the past 12 months, more and more hackers have turned to spyware to try and steal user data, snooping on users’ messages, photos, phone calls, and even GPS movements.

A study conducted by Malwarebytes found a 147% increase in spyware in the first half of 2025, with one of the worst offenders being SMS-based malware, which spiked by 692% from April to May.

Spyware is extremely popular among cybercriminals as it’s very easy to pull off through phishing scams. All the hacker needs to do to cause an infection is to send a message tricking the user into installing malware or clicking through to a phishing website.

Once the malware is installed, the attacker has free access to sensitive data including usernames, passwords, credit card details, and more. The good news is that spyware can be removed by taking a few simple actions.

Tips for finding and removing spyware

If your device has been affected by spyware, there are a few telltale giveaways. For example, you might notice the device running unusually slowly, overheating, or consuming battery at a rapid pace. Excessive data consumption can also indicate the presence of malware on your device.

One of the best ways to identify a spyware infection is to use a malware detection or removal tool. According to AV Test, some of the top spyware removal tools for Android include Avast Antivirus & Security, Avira Antivirus Security, Bitdefender Mobile Security, and Kaspersky Premium for Android.

These types of tools can help you to scan your Android’s apps for malware and provide instructions on how you can remove it. You can also manually remove spyware by rebooting the device in safe mode and deleting the offending apps.

To enter safe mode, hold down your phone’s power button, and tap and hold the Power off option until the Safe mode option appears. Next, go to Settings, and select Apps. Select the malicious app(s) and remove them. This can be done by tapping on the chosen app, pressing Uninstall, and then OK to remove it from your device.

How to remove apps with administrator permissions and prevent other attacks

Some malicious apps may have administrator permissions that prevent them from being uninstalled. Fortunately, you can remove these permissions by going to Settings, selecting Security and Privacy, scrolling down to More Security settings, and selecting Device admin apps.

Now you should be able to toggle off permissions for the suspicious app. Once you deactivate permissions you will be able to delete the app. When you’re finished, restart your Android device to reset it back to normal.

Of course, prevention is always better than a cure. If you want to stop your device from getting infected in the first place then you’re going to need to be extremely careful about the types of apps you download.

Malicious apps do make their way through to the Google Play Store, even if they’ve been scanned by Play Protect, so it’s a good idea to stick to well-reviewed apps. Other security measures, such as installing an anti-malware app and avoiding clicking on links in SMS messages, can reduce the chance of your device being infected in the first place.







A new spyware campaign is targeting Android users by posing as antivirus software delivered via messenger apps. Once installed on your device, it can do everything from recording your screen to stealing your passwords. The malware, referred to as LunaSpy, was identified by Kaspersky and is believed to have been active since at least February 2025.

What is LunaSpy?

According to Kaspersky, LunaSpy imitates real antivirus software, scanning your device and alerting you to (fake) “threats found,” after which it requests extensive permissions so it can spy on your device unsuspected. The malware can execute a range of functions:

  • Recording audio and video using your device’s microphone and camera

  • Reading texts, call logs, and contact lists

  • Running arbitrary shell commands

  • Stealing passwords

  • Tracking locations

  • Recording the device screen

The program is also capable of stealing images from your phone’s photo gallery. All of this information is then routed to command-and-control servers belonging to the attackers, where it can be used for malicious purposes.

How LunaSpy spreads on Android—and how to protect your device

The LunaSpy campaign proliferates through messenger apps like Telegram. Targets may receive a message from a stranger—or the hijacked account of someone they know—suggesting they install the “antivirus.” Victims may also be directed to download the app in a new channel.

In general, you should download apps only from official sources like the Google Play Store (though malware can sometimes slip through the cracks, as with the fake crypto extensions recently found among Mozilla’s add-ons). Avoid third-party sources, and don’t download APK files from messengers even if you know the sender.



You can also block unknown app installs for sources outside the Google Play Store entirely, so your device will have an extra layer of protection if you do attempt to download a malicious program. While the specifics vary depending on your device, this option can generally be found under Settings > Security.

You should be wary of apps—including antivirus—that request broad permissions without a clear purpose unless you have verified that the software is legitimate and trustworthy. You can confirm which permissions an app has under Settings > Apps > Permissions.
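The two checks above (where an app was installed from, and which permissions it holds) can also be run from a computer over adb. The following is an added example, not taken from the original articles: it parses the output of `adb shell pm list packages -3 -i` and `adb shell dumpsys package <name>` and flags sideloaded apps that hold several sensitive permissions. The sample output, the package names, the trusted-installer set and the threshold of three are assumptions made for illustration.

```python
import re
# Assumption for this example: only the Play Store counts as an official installer.
TRUSTED_INSTALLERS = {"com.android.vending"}
# Runtime permissions matching the data types the article says spyware collects.
SENSITIVE = {
    "android.permission.READ_SMS", "android.permission.READ_CONTACTS",
    "android.permission.READ_CALL_LOG", "android.permission.RECORD_AUDIO",
    "android.permission.CAMERA", "android.permission.ACCESS_FINE_LOCATION",
}
PKG_LINE = re.compile(r"^package:(\S+)\s+installer=(\S+)$")
PERM_LINE = re.compile(r"^\s*(android\.permission\.[A-Z_]+): granted=true")

def sideloaded(pm_output):
    """Map package -> installer for apps not installed by a trusted store."""
    hits = {}
    for line in pm_output.splitlines():
        m = PKG_LINE.match(line.strip())
        if m and m.group(2) not in TRUSTED_INSTALLERS:
            hits[m.group(1)] = m.group(2)
    return hits

def granted_sensitive(dumpsys_output):
    """Sorted sensitive permissions that dumpsys reports as granted."""
    hits = (PERM_LINE.match(l) for l in dumpsys_output.splitlines())
    return sorted({m.group(1) for m in hits if m and m.group(1) in SENSITIVE})

def triage(pm_output, dumpsys_by_pkg, threshold=3):
    """Sideloaded apps holding at least `threshold` sensitive permissions."""
    report = []
    for pkg, installer in sideloaded(pm_output).items():
        perms = granted_sensitive(dumpsys_by_pkg.get(pkg, ""))
        if len(perms) >= threshold:
            report.append((pkg, installer, perms))
    return report

# Constructed sample output (not from a real device).
SAMPLE_PM = """package:org.example.chat  installer=com.android.vending
package:com.example.fakeav  installer=null
package:com.example.notes  installer=com.example.altstore"""
SAMPLE_DUMPSYS = {
    "com.example.fakeav": """    runtime permissions:
      android.permission.READ_SMS: granted=true, flags=[ USER_SET ]
      android.permission.RECORD_AUDIO: granted=true, flags=[ USER_SET ]
      android.permission.ACCESS_FINE_LOCATION: granted=true, flags=[ USER_SET ]
      android.permission.CAMERA: granted=false, flags=[ USER_SET ]""",
    "com.example.notes": "      android.permission.CAMERA: granted=true, flags=[ USER_SET ]",
}

print(triage(SAMPLE_PM, SAMPLE_DUMPSYS))
```

A flagged package is a prompt for manual review rather than a verdict, since legitimate sideloaded apps can hold the same permissions.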

If you suspect that you’ve installed spyware on your Android, you should immediately uninstall any suspicious apps. A factory reset is a more extreme step, but it should wipe malware completely—just be sure you back everything up first.







TL;DR

  • LunaSpy Android spyware hides as an antivirus or banking protection app, spreading via messaging apps like Telegram.
  • It fakes virus scans to trick you into granting permissions, then steals data, tracks you, and can even record audio or video.
  • Avoid downloading APKs from messenger links and be wary of unknown security apps requesting broad permissions.

Think you’re beefing up your Android phone’s security? If the antivirus app you just installed came from a random Telegram or a suspiciously out-of-context message from a friend, you might’ve just invited a spy into your pocket.

A Kaspersky Daily blog post says a new piece of Android spyware called LunaSpy has been making the rounds since at least February 2025, slipping onto phones through messaging apps. Sometimes it’s pitched as an antivirus, and other times it’s so-called banking protection.

Either way, once you install it, it puts on a convincing show. It runs a fake scan, flashes scary “threats found” warnings, and then asks for a laundry list of permissions under the guise that it can fix them.

Those permissions aren’t for fixing anything. Behind the curtain, LunaSpy can swipe passwords from browsers and messengers, record audio and video, read your texts, track your location, and even run commands on your device. The latest version even has unused code to steal your photos — possibly a preview of what’s coming next.

All of that data goes back to attackers through a sprawling web of about 150 servers.

This means that you just need to be more vigilant than ever about what you’re downloading. Don’t grab APKs from messenger links, even if they come from someone you know, as their account could be hacked. And if an antivirus you’ve never heard of asks for access to everything on your phone, that’s a good time to hit uninstall.
