Seoul, March 14, 2025 –North Korean hackers are back with KoSpy, a powerful Android spyware that steals call logs, messages, and location data using fake apps. Experts warn users to stay vigilant!
A shocking cyber-espionage campaign has emerged, with North Korean hacker group ScarCruft deploying KoSpy malware to hijack Android devices through fake utility apps.
This stealthy operation has compromised thousands of users worldwide, primarily targeting Korean and English-speaking individuals.
Security firm Lookout discovered that KoSpy, active since March 2022, masquerades as legitimate apps like File Manager, Phone Manager, and Kakao Security.
Once installed, the malware silently harvests sensitive data, including SMS messages, call logs, audio recordings, and screenshots. Cybersecurity expert John Meyers warned:
This malware operates with military-grade precision, making it one of the most sophisticated Android spyware seen in years.
The spyware cleverly connects to a Firebase Firestore cloud database to retrieve its command-and-control (C2) server address, allowing it to operate undetected. The malicious apps were removed from Google Play, but users who installed them remain vulnerable.
ScarCruft, also known as APT27, has a long history of state-sponsored cyberattacks. Analysts believe KoSpy’s infrastructure overlaps with APT43 (Kimsuky), another North Korean hacking group. Google issued a statement confirming:
Google Play Protect has removed known malware versions, but users should avoid sideloading apps from untrusted sources.
Android users must immediately delete suspicious apps and enable Google Play Protect. Cybersecurity experts urge governments to take stronger action against North Korea’s digital warfare.
KoSpy spies, but ExpressVPN shields! Encrypt your data & stay invisible from cyber threats. Privacy isn’t a choice, it’s a necessity.
Other News At VPNRanks
Stay Informed with VPNRanks
Hey, wait! Stay informed on the latest privacy updates, cybersecurity insights, and internet freedom news by following VPNRanks news daily! As your primary resource for critical updates in online security, we ensure you’re always in the know. Make VPNRanks your go-to guide for safeguarding your digital life!
