Google confirmed detecting and deleting five North Korean spy apps from its Play Store.
The news comes from Forbes, which reported that search engine company has removed the “identified apps” from its download platform.
Recently, the cybersecurity organization Lookout said the apps conceal the new KoSpy malware. Also, the malware has links “to the North Korean group APT37, a.k.a. ScarCruft.”
KoSpy can collect the following sensitive user information:
- SMS messages
- Call logs
- Device location
- Files and folders on the local storage
- Screenshots or screen recordings
- Keystrokes
- Wi-Fi network details
- A list of installed applications
This North Korean malware masquerades as five different apps:
- 휴대폰 관리자 (Phone Manager)
- File Manager
- 스마트 관리자 (Smart Manager)
- 카카오 보안 (Kakao Security)
- Software Update Utility
Although the Google Play Store has deleted these apps, Lookout warns that they will be available elsewhere.
“If any are on your phone, delete them now,” says the digital security organization.
Source: Google deletes five North Korean spy apps from Play Store
