Researchers have uncovered new Android spyware that boasts similar capabilities to the controversial NSO Group’s Pegasus spyware. The software, called PhoneSpy, is a mobile surveillance tool that has already stolen data and tracked the activity of targets in South Korea. The spyware is disguising itself as legitimate lifestyle apps. PhoneSpy allows attackers to obtain access to the device and the data stored on it. Pegasus spyware has been blacklisted by the US government after it was linked to cyberattacks against activists, NGO workers, dissidents, politicians, and more public figures.

It is unclear whether PhoneSpy is being sold commercially. It also remains unknown whether the surveillance ware is targeting high-profile victims or random individuals. The spyware’s developer is also unknown. According to cybersecurity firm Zimperium, attackers are weaponizing PhoneSpy for similar purposes as Pegasus. Researchers also found that the PhoneSpy software could be more dangerous than Pegasus due to its ability to hide in plain sight. PhoneSpy allows attackers to steal data, read messages, view images, and other information stored on the device. So far, researchers have discovered 23 applications secretly containing the spyware.