We are talking about mobile versions of programs for Android, in particular Skype, Signal and Pornhub.
“They add in the fake versions a malicious Monocle addon that can read the image from the smartphone screen at any time and transfer the picture to Russia, “the company report said.
Lookout emphasizes that this is a common method used by malware developers.
“They are” repacking “a known application with harmful functions, so as not to arouse users’ suspicions,” said a company engineer.
According to Lookout, the main risk groups are Muslims, people living in the Caucasus, as well as in the countries of Central Asia, particularly in Uzbekistan.
In addition, the company claims that the Monocle addon was developed by a company that is associated with the General Intelligence Directorate of the the Russian Armed Forces (GRU).