BondPath
The activity of Android spyware and malware has peaked in 2020, and of the main contributing factors for this is the ongoing COVID-19 pandemic. Many old malware families were reworked and released online, and BondPath is just one of them. This threat, also known as PathCall or Dingwe, has been around since 2018. It works on Android devices exclusively, and the 2020 variant has introduced a wide range of improvements that allow the spyware to be stealthier and more threatening.
BondPath was Found on the Official Google Play Store
The cybercriminals behind BondPath attacks may rely on different methods to deliver the corrupted APK file to their victims. In some instances, the BondPath spyware was hosted on the official Google Play Store, pretending to be a useful application or an entertaining game. Copies of it also were found on 3rd-party application stores, which users should avoid unless their Android devices are protected by a trustworthy anti-malware application.
When the BondPath infiltrates a device, it may ask the victim to provide it various permissions – many people do not pay attention to these requests, and click 'Allow' on every prompt instinctively. Once the BondPath is up and running, it may hide its icons from all menus and then disguise its 'applications' entry as a service called 'Google Play Store Services.' This name is unlikely to attract unwanted attention from the victim since they might think it is a legitimate Google service.
This Fully-Fledged Android Spyware Has Been Active for Over 2 Years
BondPath's monitoring features are very rich, and victims of this threat can be in a lot of trouble because of its ability to:
- Record phone conversations or record audio via the microphone.
- Access contacts and call logs.
- Read the browser history.
- Fetch old and new emails.
- Browse and collect phone files.
- Get a list of installed applications.
- Intercept incoming and outgoing text messages.
BondPath also has the ability to spy on certain social media applications. Some of the spyware's modules are able to extract chats and information from WhatsApp, Viber, Line, Facebook and Skype. The attacker can control all of the implant's features through a Web-based control panel, which also shows them the GPS location of the infected device.
Protecting your Android device from spyware like BondPath is not difficult if you opt to use the security services offered by popular Android anti-malware applications. It is also advisable to only download applications from trustworthy sources, as well as check reviews and ratings before downloading anything from the official Google Play Store.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.