This app that can't be deleted could be silently recording your calls and taking screenshots

This app that can’t be deleted could be silently recording your calls and taking screenshots،

Cybercriminals are always finding ways to gain access to your phone. The latest example is the SpyNote malware, which aims to monitor you and steal sensitive information.

As detailed by a cybersecurity company F-Secure, SpyNote is spyware that spreads via smishing or fake mobile messages. The text messages trick victims into downloading the app.

Although SpyNote doesn’t ask for many permissions, the ones it does ask for are similar to the permissions requested by spyware. When first launched, it requests the BIND_ACCESSIBILITY_SERVICE permission and when this is granted, the malware self-approves several additional vital permissions.

The app also tries to hide and is not found in the app launcher. It doesn’t even appear on the Recents screen. It relies on external triggers such as an SMS to be launched.

SpyNote runs two “hardcore” services. Hardcore services cannot be stopped easily, neither by the Android system nor by the victim. Every time an attempt is made to kill the malicious services, they are restarted.

The main goal of SpyNote is to steal as much data as possible from the victim’s phone and send it back to the attacker’s computer.

SpyNote collects a dangerous amount of user information. It can record incoming phone calls and send them to its developers. It is also capable of taking screenshots and sending them to the command and control center.

It can even record what you type on your phone, which means it can steal your screen unlock credentials and password.

There is only one way to get rid of SpyNote

Unlike most other harmful applications, getting rid of SpyNote is not as simple as deleting it. Since it is a hidden app, it cannot be located or deleted. Removing it through the Settings app is also not possible, as the app closes the menu screen every time the user accesses the app through Settings.

And since it runs hard services, the victim also cannot stop them by accessing the developer options.

The only way for someone to get rid of SpyNote is to factory reset their device and erase all their data from the phone.

Fake earthquake alert app

According to the people of D3 Laboratory, some malicious actors are trying to trick Android users into installing malware from the SpyNote family by tricking them into downloading a fake IT-Alert app. IT-Alert is a public alert system used in Italy to provide information to the public and broadcast alert messages regarding emergencies or disasters.

Malicious actors created a domain of the same name that alerts people that an earthquake is expected and asks them to download an app to stay informed about the situation in their area.