WhatsApp Spy Scare: Android malware can ‘steal messages’ from your screen

A new and worrying piece of mobile malware could enable WhatsApp messages to be stolen from Android phones, security experts have warned.

The malicious surveillance software, dubbed ‘Skygofree’, is allegedly capable of turning on the microphone to record audio, while also diving into encrypted WhatsApp messages.

According to researchers at Kaspersky Labs, the malware has been around since 2014 and is also capable of taking photos and videos on infected devices, even when the display is locked.

Kaspersky says the malware is able to achieve this by adding itself to a list of “protected apps” on the phone, thus remaining permanently active.

Related: Amazon Echo Spot hands-on

The WhatsApp exploit is possible, the researchers say, by fooling the Android Accessibility options in order to capture information that’s currently displayed on the screen.

In a blog post (via Telegraph), Kaspersky wrote: “We observed a payload that exclusively targets the WhatsApp messenger and it does so in an original way. The payload uses the Android Accessibility Service to get information directly from the displayed elements on the screen, so it waits for the targeted application to be launched and then parses all nodes to find text messages”

Extensive spying

Despite the name, the Skygofree malware is not related in anyway to BSkyB’s mobile platform Sky Go.

It is believed the malicious software was developed by an Italian cyber security firm Negg, which develops tools for investigators.

“High end mobile malware is very difficult to identify and block and the developers behind Skygofree have clearly used this to their advantage: creating and evolving an implant that can spy extensively on targets without arousing suspicion,” Alexey Firsh, Kaspersky Malware Analyst said.

The revelation will undoubtedly be of concern to WhatsApp users who take comfort from the Facebook-owned firm’s end-to-end encryption of chats.

Does the purported ability to bypass WhatsApp message encryption put the willies up you? Drop us a line @TrustedReviews on Twitter.

Unlike other sites, we thoroughly review everything we recommend, using industry standard tests to evaluate products. We’ll always tell you what we find. We may get a commission if you buy via our price links. Tell us what you think – email the Editor