large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

WhatsApp Spy Scare: Android malware can ‘steal messages’ from your screen

A new and worrying piece of mobile malware could enable WhatsApp messages to be stolen from Android phones, security experts have warned.

The malicious surveillance software, dubbed ‘Skygofree’, is allegedly capable of turning on the microphone to record audio, while also diving into encrypted WhatsApp messages.

According to researchers at Kaspersky Labs, the malware has been around since 2014 and is also capable of taking photos and videos on infected devices, even when the display is locked.

Kaspersky says the malware is able to achieve this by adding itself to a list of “protected apps” on the phone, thus remaining permanently active.

Related: Amazon Echo Spot hands-on

The WhatsApp exploit is possible, the researchers say, by fooling the Android Accessibility options in order to capture information that’s currently displayed on the screen.

In a blog post (via Telegraph), Kaspersky wrote: “We observed a payload that exclusively targets the WhatsApp messenger and it does so in an original way. The payload uses the Android Accessibility Service to get information directly from the displayed elements on the screen, so it waits for the targeted application to be launched and then parses all nodes to find text messages”

Extensive spying

Despite the name, the Skygofree malware is not related in anyway to BSkyB’s mobile platform Sky Go.

It is believed the malicious software was developed by an Italian cyber security firm Negg, which develops tools for investigators.

“High end mobile malware is very difficult to identify and block and the developers behind Skygofree have clearly used this to their advantage: creating and evolving an implant that can spy extensively on targets without arousing suspicion,” Alexey Firsh, Kaspersky Malware Analyst said.

The revelation will undoubtedly be of concern to WhatsApp users who take comfort from the Facebook-owned firm’s end-to-end encryption of chats.

Does the purported ability to bypass WhatsApp message encryption put the willies up you? Drop us a line @TrustedReviews on Twitter.

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.