Trend Micro found CallerSpy trojan that disguised as chat apps on a phishing website

Recently, researchers from Trend Micro disclosed that a Trojan called CallerSpy was disguised as a chat application to induce victims to download. The Trojan is mainly used for cyber espionage and was disguised as a chat application called Chatrious. Currently, the trojan is mainly spread through a malicious chat application called Apex App.

Image: Trendmicro

It is understood that the malicious application was located on a fake website posing as Google’s official website. Once the victim has downloaded and launched the app, CallerSpy will automatically connect to the hacker’s server to accept the relevant commands. CallerSpy’s malicious features include collecting all call logs, text messages, contact lists and files on the device, as well as recording audio using the phone’s microphone, or taking screenshots. After the trojan successfully steals information, it will regularly upload the stolen data to the hacker’s server.

Experts point out that although CallerSpy is targeted at the Android system, its developers may be expanding its capabilities so that the trojan can be used to attack other systems. At present, it is unclear what the hackers’ intentions or targets are.