“Skygofree: Following in the Footsteps of HackingTeam”
Nikita Buchka and Alexey Firsh, Securelist, Kaspersky Labs, January 16, 2018
“Found: New Android Malware with Never-Before-Seen Spying Capabilities”
Dan Goodin, Ars Technica, January 16, 2018
Skygofree is capable of taking pictures, capturing video, and seizing call records, text messages, geolocation data, calendar events, and business-related information stored in device memory.
Skygofree also includes the ability to automatically record conversations and noise when an affected device enters a location specified by the person operating the malware. Another never-before-seen feature is the ability to steal WhatsApp messages by abusing the Android Accessibility Service that's designed to help users who have disabilities or who may temporarily be unable to fully interact with a device. A third new feature: the ability to connect infected devices to Wi-Fi networks controlled by attackers.
Skygofree also includes other advanced features, including a reverse shell that gives malware operators better remote control of infected devices. The malware also comes with a variety of Windows components that provide among other things a reverse shell, a keylogger, and a mechanism for recording Skype conversations.