A research team announced Wednesday that it has discovered some of the most advanced and complete mobile surveillance malware ever seen. According to the report, a Russian defense subcontracting company is behind this program.
The malware, dubbed Monokle, has been used since at least 2016 to monitor a small number of phones running Android, the research team at cybersecurity firm Lookout said. According to the company, it was designed by Special Technology Center, a Russian defense subcontractor sanctioned in 2016 for contributing to the Russian interference in the 2016 US presidential election.
The program can be installed on victims’ devices in a variety of ways, including from the Google Play Store, where Monokle takes on the appearance of popular apps. For example, versions of Monokle have been seen with the name and icon of the Pornhub porn app, or disguised as Skype or the Google app.
Monokle is able to change crucial features of Android in order to communicate through emails, text messages, phone calls and TCP ports. This feature allows it to continue its spying operations even when the connection to the Internet is off or unavailable.
An extraordinary espionage ability
Lookout’s report states that Monokle is able to capture the time in a phone’s electronic calendar, intercept encrypted communications over the Internet, collect information about social media accounts (including messages), and reset the access code of a device.
The software is also able to record conversations, take pictures, videos and screenshots, remember passwords, get the location of a phone and even uninstall itself, erasing every trace of its presence.
The code of Monokle studied by Lookout also implies that versions capable of infecting devices running iOS exist.
Lookout refused to tell Reuters in which country the attacks were detected.
US and Russia at loggerheads
The United States and other Western countries have accused the Russian government and companies working for it of conducting cyberattacks against organizations all over the world.
The Kremlin has denied these allegations multiple times, arguing each time that there is no evidence to corroborate them. Neither the Russian government nor the Special Technology Center responded to Reuters’ interview requests about the Lookout report.