Cybersecurity researchers have uncovered a powerful spyware called EagleMsgSpy being used by law enforcement in China to monitor mobile devices. According to a report by cybersecurity firm Lookout, this spyware has been active since 2017 and was developed by Wuhan Chinasoft Token Information Technology.
The spyware is designed to gather a vast amount of personal information from infected devices. It can access third-party chat messages, record screens and audio, take screenshots, track locations, and even monitor call logs and SMS messages. It can also collect details about the device’s contacts, browser bookmarks, installed apps, and files stored on external storage.
According to BleepingComputer, Lookout’s investigation linked the spyware to its developers and operators through evidence such as IP addresses of command-and-control (C2) servers, domain records, internal references in documentation, and public contracts.
The spyware is not available on Google Play or third-party app stores, suggesting that it is distributed manually. According to Lookout, authorities likely install the spyware on unlocked devices during incidents like arrests or confiscations.
An important part of the spyware’s operation is its ability to collect sensitive data silently. The collected information is stored in a hidden folder on the device and is then compressed and password-protected before being sent to the C2 server for further use.
While Lookout’s findings focus on Android, researchers believe there may also be an iOS version of EagleMsgSpy. However, they haven’t obtained a sample to confirm this yet.
EagleMsgSpy is capable of gathering: