ProjectSpy

The ProjectSpy threat is a newly uncovered malware that targets innocent online users. Cybersecurity analysts first noticed this malware in April 2020. The ProjectSpy threat is designed to target iOS users, as well as Android users. Just like many other cybercriminals did recently, the authors of the ProjectSpy threat are using the Coronavirus pandemic to propagate their creation.

The ProjectSpy malware is being distributed via a Coronavirus-themed application called ‘Coronavirus Updates.’ The authors of the ProjectSpy threat also appear to use other bogus applications to distribute this malware. Two other fake apps that are propagating the ProjectSpy malware have been identified as ‘Wabi Music’ and ‘TikTik.’ Users need to be very careful when installing new apps on their devices. Avoid downloading any software from third-party application stores. However, there have been many instances of malware being hosted on the official Google Play Store, and sometimes even on Apple’s Application Store, so do not let your guard down when installing software from the official platforms either.

Once the ProjectSpy malware compromises a targeted Android device, it is able to:

• Send text messages.
• Collect information regarding the settings, hardware, and software of the system.
• Use the device’s camera to record videos or take photos.
• Collect the user’s contact list, call logs, notes, voice notes, saved images, etc.
• Gather data from Facebook, Threema, WhatsApp and the user’s SIM card.

The Android version of the ProjectSpy malware appears to be running as intended. However, the iOS variant of the threat is dysfunctional. It is likely that the creators of the ProjectSpy malware are not very experienced in creating threats for iOS and may have used readily available iOS modules instead of building them from scratch and ensuring they work properly. Luckily for iOS users, the ProjectSpy threat is useless for the moment completely. Nevertheless, this does not mean that the attackers will not modify the threat and fix the issues in the future.

Users need to be very wary when downloading software or content regarding the COVID-19 outbreak, as countless cyber crooks are using the pandemic to distribute various malware and online tactics.