Cybersecurity company Kaspersky has disclosed a new campaign targeting specific victims primarily in Southeast Asia that it’s dubbed the PhantomLance espionage campaign. Kaspersky believes that OceanLotus APT could be behind the attacks. The attacks are sophisticated and ongoing, targeting Andriod users in Asia. The campaign features complex spyware that is distributed via apps within the Google Play official market.
The malicious apps have also been distributed through other outlets such as APKpure, a third-party marketplace. The campaign was first spotted last year, however, it has been traced back as far as 2016. This information was disclosed at the SAS@home virtual security conference on Tuesday. The spyware has the ability to harvest geolocation data, call logs, and contacts as well as monitor SMS activity and gather a list of applications installed on the device.
Read More: Sophisticated Android Spyware Attack Spreads via Google Play