Kaspersky GReAT explained how they can track a person via a smartphone
Posted: Thu Jan 23, 2025 8:47 am
Attackers can remotely hack a smartphone and thus monitor a person: their location, correspondence, audio recordings, financial transactions, etc.
The head of Kaspersky GReAT in Russia, Dmitry Galov, told Banki.ru about how this happens.
"The threat of digital surveillance does exist. For example, there are spyware and stalkerware programs that attackers can use to gain access to the victim's correspondence in social networks and messengers, microphone recordings, their geolocation, what is happening on the screen, etc. There is a difference between stalkerware and spyware: stalkerware bc data malaysia are usually used to spy on acquaintances (to install and configure them, attackers must have access to the victim's device). Spyware Trojans are technically advanced, expensive programs. They are often used together with exploits and are used for targeted attacks, for example, on top managers, that is, this is not a mass threat. At the same time, not only Android users, but also iOS users can face such targeted attacks," explained Dmitry Galov.
He noted that some spyware Trojans could be used in mass cyberattacks.
"An example is the Mandrake Trojan, discovered by our experts last year. Its new version was distributed via Google Play from 2022 to 2024 under the guise of five different applications (they were downloaded at least 32 thousand times in total); they have now been removed from the app store. The Trojan allowed attackers, for example, to steal credentials from infected devices, secretly record the smartphone screen, and broadcast what was happening on the victim's screen to the attackers in real time so that they could perform actions instead of the user, such as pressing buttons," the expert said.
According to him, attackers can also try to gain access to a person's screen using remote access programs, including modified ones, which are distributed, for example, under the guise of applications for financial organization support services, medical services, and telecom operator applications. Last year, one of the most active Trojans with remote access functions was SpyNote.
The head of Kaspersky GReAT in Russia, Dmitry Galov, told Banki.ru about how this happens.
"The threat of digital surveillance does exist. For example, there are spyware and stalkerware programs that attackers can use to gain access to the victim's correspondence in social networks and messengers, microphone recordings, their geolocation, what is happening on the screen, etc. There is a difference between stalkerware and spyware: stalkerware bc data malaysia are usually used to spy on acquaintances (to install and configure them, attackers must have access to the victim's device). Spyware Trojans are technically advanced, expensive programs. They are often used together with exploits and are used for targeted attacks, for example, on top managers, that is, this is not a mass threat. At the same time, not only Android users, but also iOS users can face such targeted attacks," explained Dmitry Galov.
He noted that some spyware Trojans could be used in mass cyberattacks.
"An example is the Mandrake Trojan, discovered by our experts last year. Its new version was distributed via Google Play from 2022 to 2024 under the guise of five different applications (they were downloaded at least 32 thousand times in total); they have now been removed from the app store. The Trojan allowed attackers, for example, to steal credentials from infected devices, secretly record the smartphone screen, and broadcast what was happening on the victim's screen to the attackers in real time so that they could perform actions instead of the user, such as pressing buttons," the expert said.
According to him, attackers can also try to gain access to a person's screen using remote access programs, including modified ones, which are distributed, for example, under the guise of applications for financial organization support services, medical services, and telecom operator applications. Last year, one of the most active Trojans with remote access functions was SpyNote.