A new spyware campaign is targeting Android users by posing as antivirus delivered via messenger apps. Once installed on your device, it can do everything from record your screen to steal your passwords. The malware, referred to as LunaSpy, was identified by Kaspersky and is believed to have been active since at least February 2025.
According to Kaspersky, LunaSpy imitates real antivirus software, scanning your device and alerting you to (fake) "threats found," after which it requests extensive permissions so it can spy on your device unsuspected. The malware can execute a range of functions:
Recording audio and video using your device's microphone and camera
Reading texts, call logs, and contact lists
Running arbitrary shell commands
Stealing passwords
Tracking locations
Recording the device screen
The program is also capable of stealing images from your phone's photo gallery. All of this information is then routed to command-and-control servers belonging to the attackers, where it can be used for malicious purposes.
How LunaSpy spreads on Android—and how to protect your device
The LunaSpy campaign proliferates through messenger apps like Telegram. Targets may receive a message from a stranger—or the hijacked account of someone they know—suggesting they install the "antivirus." Victims may also be directed to download the app in a new channel.
In general, you should download apps only from official sources like the Google Play Store (though malware can sometimes slip through the cracks, as with the fake crypto extensions recently found among Mozilla's add-ons). Avoid third-party sources, and don't download APK files from messengers even if you know the sender.
You can also block unknown app installs for sources outside the Google Play Store entirely, so your device will have an extra layer of protection if you do attempt to download a malicious program. While the specifics vary depending on your device, this option can generally be found under Settings > Security.
You should be wary of apps—including antivirus—that request broad permissions without a clear purpose unless you have verified that the software is legitimate and trustworthy. You can confirm which permissions an app has under Settings > Apps > Permissions.
If you suspect that you've installed spyware on your Android, you should immediately uninstall any suspicious apps. A factory reset is a more extreme step, but it should wipe malware completely—just be sure you back everything up first.
Hence then, the article about this spyware campaign is targeting android users via messaging apps was published today ( ) and is available on Live Hacker ( Middle East ) The editorial team at PressBee has edited and verified it, and it may have been modified, fully republished, or quoted. You can read and follow the updates of this news or article from its original source.
Read More Details
Finally We wish PressBee provided you with enough information of ( This Spyware Campaign Is Targeting Android Users Via Messaging Apps )
Also on site :
- AI robots could cost $13,000 by 2035: Here’s what that means for CFOs
- Facebook and Instagram owner enabled child sexual exploitation
- Mick Jagger Sings 9 Words About Dreams We All Need to Hear