Newly emergent EagleSpy v5 remote access trojan has been touted by developer "xperttechy" to facilitate covert compromise of Android devices running versions 9 to 15 of the operating system, with the malware leveraging Android's accessibility services to circumvent recently introduced restrictions, reports GBHackers News.
Aside from evading Google Play Protect and other antivirus defenses, EagleSpy v5 which has been spread via malicious APKs masquerading as legitimate apps on unofficial app stores, social media sites, and phishing campaigns also enables extensive keylogging, live screen streaming, call log and SMS access, live audio and video recording, real-time GPS tracking, app and file management, and clipboard takeovers, as well as banking module and ransomware injections, according to a xperttechy's post on a hacking forum. Such a post also included screenshots showing EagleSpy v5's sophisticated graphical user interface, as well as descriptions noting usage without additional root access.
Aside from evading Google Play Protect and other antivirus defenses, EagleSpy v5 which has been spread via malicious APKs masquerading as legitimate apps on unofficial app stores, social media sites, and phishing campaigns also enables extensive keylogging, live screen streaming, call log and SMS access, live audio and video recording, real-time GPS tracking, app and file management, and clipboard takeovers, as well as banking module and ransomware injections, according to a xperttechy's post on a hacking forum. Such a post also included screenshots showing EagleSpy v5's sophisticated graphical user interface, as well as descriptions noting usage without additional root access.
