Lookout Security Intelligence researchers discovered the spyware in Google Play and connected it to a known malicious actor potentially operating out of Iraq. The malware has the ability to respond to over 73 different remote commands, meaning attackers can manipulate a victim’s device from afar through a command and control server. Google has since removed the SonicSpy app from the Google Play store. It marketed itself as a messaging app in order to trick people into downloading it. It provides the victim the advertised messaging functionality while simultaneously stealing data, building a false sense of trust.”]
Source: https://blog.lookout.com/sonicspy-spyware-research-enterprises

