Lookout researchers have identified several spyware applications distributed through Google Play. All of them belong to the family SonicSpy and are engaged in the fact that they are monitoring their victims around the clock, sending the received information to the server of intruders.

One of the most common representatives of the SonicSpy family is the Soniac pseudo-speaker, which, during its existence, has been downloaded about 5000 times. According to experts, Soniac is able to activate the functions of an infected smartphone, such as a dictaphone, camera, as well as access to messages from the victim and make calls.

Thus, a malicious user can gain control over the bank accounts of his victims and sign them on all sorts of paid mailings.

Similar functionality is possessed by two other applications identified by Lookout specialists during the course of the audit. These include remote Hulk Messenger and Troy Chat.

At the time of publication on Google Play, there are no references to SonicSpy applications. It is not known for sure whether this is a consequence of the work of Google itself or an attempt by intruders to save their achievements from deletion in order to subsequently resume their fraudulent activities.