A new, sneaky variant of Android.Mobilespy has been discovered. This malware steals information, and displays advertisements, however it executes it in a different way than most malware. It tries to make it look as though another application is responsible for its behavior. Once the malware Android.Mobilespy is installed, it then attempts to install an app called AnonyServices, which claims to assure the user’s anonymity online, but it actually allows the threat to display advertisements. In an effort to hide its suspicious activity from the user, the malware lies in wait for several days before it begins displaying the advertisements on top of the majority of launched programs. Therefore, the possibility of detecting the source of infection on a compromised device by the user is really low. By doing so, this could make the user think that the current app that is running is responsible for the ads being displayed. 

How To Stay Protected:

• It is strongly recommend that Android devices owners only download applications from reliable sources such as the Google Play Store.
• Users should pay attention to the applications that request the use of the Accessibility Service. Once the malicious application gets these privileges, it can interact with the graphic interface and can even operate as a keylogger by intercepting the information entered by the victim. As a result, the program will be able to steal data such as text messages, and even passwords.
• Norton Mobile Security provides protection against this Trojan. You can download it from the Google Play Store here.