PhantomLance Malware in Google Play Store
According to Kaspersky security experts, a new campaign has been launched to spread PhantomLance malware to target generally Asian countries. This malware is located in the applications available in the Google Play Store and is downloaded and installed by the user on the phone, along with the victim. The malware has been active since 2016, but according to surveys conducted in recent months, its activity has increased significantly.
This malware is spyware and steals information such as the user's geographic location, call history, saved contact list, SMS monitoring, installed app list, and other phone information and sends it to the attacker.
Countries affected by the malware include Iran, India, Nepal, Malaysia, Indonesia, Bangladesh, Myanmar, South Africa and Algeria.
So far, various examples of this malware have been discovered by researchers. This malware is generally located next to applications and Android tools. After installing these applications, depending on the Android version and the type of phone, a special version of the malware will be installed on the phone with the user.
According to security experts Kaspersky, applications containing the malware have been identified in the Google Play Store and removed from the store. So by activating the Google Play Protect feature on your Android phone, you can remove apps that have been removed from the store that are still installed on your phone.