Android users should be careful what they download from the Google Play store, as security researchers recently found a selection of apps which contained North Korean spyware hosted there. The five affected apps appeared to be benign system utilities like file managers,

A group of hackers with links to the North Korean regime uploaded Android spyware onto the Google Play app store and were able to trick some people into downloading it, according to cybersecurity firm Lookout.

KoSpy masqueraded as utility apps, according to Lookout Mobile Security, which links the activity to a cyber-espionage campaign out of North Korea.

The North Korea-linked APT37 has been observed targeting Android users with spyware distributed via Google Play.

A new Android spyware named 'KoSpy' is linked to North Korean threat actors who have infiltrated Google Play and third-party app store APKPure through at least five malicious apps.

ScarCruft, also called APT27 and Reaper, is a North Korean state-sponsored cyber espionage group active since 2012. Attack chains orchestrated by the group primarily leverage RokRAT as a means to harvest sensitive data from Windows systems. RokRAT has since been adapted to target macOS and Android.

Google has banned apps from Google Play Store in which hackers had planted spyware named KoSpy that collect sensitive data like SMS, call logs, location, photos, record audio and more.

A Dangerous Spyware Hidden in Apps North Korean hacking groups secretly placed a new and dangerous spyware called KoSpy inside five apps on Android devices.These apps were available for download on Google Play and APKPure,

All of those collection methods could capture some incredibly delicate personal details, only for it to be sent to servers controlled by North Korean intelligence workers. Lookout