SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls

AlmightySnoo 🐢🇮🇱🇺🇦@lemmy.world to Android@lemmy.world – 95 points –
SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls
thehackernews.com
15

So I can't record my own phone calls, but a random trojan horse can?

Don't click on links in random text messages.

I think we all know a few people who aren't computer-literate and who will always ask you to help them Google stuff or buy something from Amazon. Those are usually the main victims of this, they won't know that they shouldn't expect an "OS update" via SMS.

No one that's computer illiterate is going to read that article. And if they somehow did they're definitely not going to click on the link buried in the middle of a paragraph, as a one word hyperlink, that leads to a different article that actually explains what the trojan is and how it gets on your phone.

"Don't click on links in random text messages" is absolutely a better way to explain it to them than expecting them to go through all of the above.

Serious question: is there a way to scan an Android phone to clear it of malware? My phone seems pretty jacked, tbh.

Malware bytes, great and the only feature that's locked behind premium is automated scanning( at least what I care about)

EDIT: just checked, it seems they are premium only now? I haven't used it in awhile as I haven't needed to, but on mobile at least you have to go premium, sucks I'll see if I can find something else

Thank you for checking.

Okay, I checked again, according to their description, after the free trial, you keep the free version, you just have to sign up for the premium trial and cancel, I just made a new account, I'll get back to you in 7 days

Yup, premium only with a 7 day trial. Worth it for one scan then immediately canceling, I suppose. That's what I just did.

Not really. Because of androids sandboxed nature "anti-virus" apps are not very effective and are mainly there to give you a false sense of security in exchange of some money.

Just assume every closed source application to be adversarial and don't bother installing it on a personal device.