We have always said that the best thing is to avoid downloading apps from unofficial sources, and download them from the Play Store, which is Google’s official store, in order to protect ourselves against Android malware. However, lately there have been apps uploaded on the store hiding all kinds of malware such as the case of the new SonicSpy spyware hidden in over 1,000 theoretically safe apps on the Play Store, threatening Android users.
In recent months, we have been able to see how several threats were sneaking into the Play Store, roaming freely without raising the slightest suspicion from Google’s security systems, with threats such as Xavier, Lipizzan or FalseGuide endangering the security of millions of Android users. Now a new spyware, detected by the security company Lookout, is threatening Android users by being hidden on the Play Store in over 1,000 apps, which are theoretically reliable apps that have gone under several security measures before being published on Google’s store.
How does the SonicSpy spyware works on Android?
As we just said, this malware was able to evade the Play Store’s security measures, so the main form of infection is through Google’s official app store. Some of the infected apps (a lot of them are instant messaging apps) have good ratings on the store and have been downloaded between 1,000 and 5,000 times, so the number of infected users is quite significant.