Android Spyware Hidden in Apps for 4 Years: Report"

Researchers at a security firm called Bitdefender discovered a  sophisticated cyber-espionage campaign using spyware called Mandrake that has been targeting Android users for at least four years, with the malware hiding in apps available on the Google Play Store.  Bitdefender found initially 7 applications on the Google Play Store that contained the Mandrake malware: Abfix, CoinCast, SnapTune Vid, Currency XE Converter, Office Scanner, Horoskope, and Car News. Each of these applications had hundreds or thousands of downloads before they were removed from the Google Play Store.  After Google Play Store deleted the other applications, Bitdefender discovered new ones several days later and found that the new round of applications with Mandrake spyware generated over 5,000 new installations each in several days.  Mandrake malware can be used to take near-total control of an infected device and can collect a range of data from targeted Android users.  The malware can steal usernames and passwords from banking and social media accounts; take screenshots and capture recordings; collect and send SMS messages; track GPS location data, and can deploy a "kill switch" that wipes the malware from the device when the data collection is done.  

Bank Info Security reports: "Android Spyware Hidden in Apps for 4 Years: Report"