has been discovered hidden inside a counterfeit Pornhub app, as well as other phony apps including Google Play and the note-taking app Evernote, according to a report by Forbes.com.
But Monokle, which so far is found only on Android phones and mobile devices, has something else that makes it especially sinister. The spyware is created by a company that goes by the harmless-sounding name Special Technology Center. But in reality, the firm is a Russian defense contractor whose ties to Russia’s military intelligence agency, the GRU, are so close that STC was hit with economic sanctions by the Obama administration for its role in the 2016 Russian cyber attack on the presidential election, an attack carried out by the GRU, known in English as the Main Intelligence Directorate.
Researchers at the Canadian cybersecurity firm Lookout released a research report Wednesday detailing the alarming capabilities of the Monokle spyware. In addition to the ability to sniff out passwords from locked phones, and surreptitiously watch and record any activity on a targeted phone’s screen, Monokle can even get a sense of a target’s unique interests by accessing predictive text dictionaries—the built-in software in most devices that continually suggests words and phrases as a user types into a text message or app.
The fake Pornhub app, and other branded apps, are largely indistinguishable from the real apps they mimic, except that they include the hidden spyware that can also vacuum up data from other apps on a user’s phone or tablet, according to the tech news site Inquirer.net.
Among Monokle’s other sinister capabilities are the ability to take photos and videos, as well as monitor and record phone and text conversations, even from encrypted apps such as WhatsApp, according to The Next Web.
So far, according to Lookout, STC has created only an Android version of Monokle, but the Lookout report says that the St. Petersburg, Russia, firm, which employs 1,500 people, has recruited iOS software developers to work on a version of Monokle that would infiltrate Apple devices (iPhones and iPads) as well.
STC is known primarily for developing technology used in Unmanned Aerial Vehicles—better known as drones—and radar systems. But Lookout found that the firm also includes a division dedicated to developing ultra-sophisticated spyware.
The good news, if there is any, is that at least so far, Monokle does not appear to be widely distributed and is instead used only in “highly targeted” fashion by Russian spies. Known targeted groups include Muslim men in Russia’s turbulent Caucasus region, as well as Islamic militant groups in Syria that oppose that country’s Russian-supported dictator, Bashar al-Assad, according to the military news site Defense One. But the researchers say that there have been some cases of Monokle appearing in “the wild.”