A report has revealed details on two Android spyware strains leveraged by state-sponsored threat actors during the India-Pakistan conflict. The malware strains named Hornbill and SunBird have been delivered as fake Android apps (APKs) by the Confucius advanced persistent threat group (APT) The group has extended its capabilities to mobile malware since 2017 when the spying app ChatSpy came into existence. The apps contain advanced capabilities including taking photos from the camera, requesting elevated privileges, scraping WhatsApp messages, and uploading all this information to the servers of the APT group.
Source: https://www.bleepingcomputer.com/news/security/pro-india-hackers-use-android-spyware-to-spy-on-pakistani-military/