Researchers with F-Secure discovered an Android app that is a spy app disguised as a Snake game. The Snake spy app is for use with GPS Spy, an Android spy app. The idea is that you’d download and install the Snake spy app onto the Android phones that you’ll want to spy on; from there, the Snake app will run in the background and keep tabs on that phone.
Sneaky. Video after the jump.
F-Secure speculates that Google will remove the app from the Android Market, or hit the app “kill switch.”
This isn’t malware in the truest sense–you need to have physical access to the phone, according to F-Secure–but it’s still best classified as a Trojan Horse. And while there are some practical purposes for spying apps–for example, monitoring your kids–there are countless ways that this sort of thing could be abused (spying on co-workers or a spouse, for example).
Also, this does serve as a reminder that, while there are advantages to Google’s more open app store policies, that openness does have its drawbacks, so the onus is on you to stay alert. If you didn’t knowingly download an app to your phone, you’ll want to question it before you run it.