March 8, 2026

This creepy new Android malware records your audio and tracks your location

April 4, 2022 0

Cybersecurity researchers from Lab52 have identified a new Android malware called Process Manager, capable of recording the target endpoint’s audio, as well as read and send SMS messages. 

While the malware does seem to share a few similarities with the popular Russian state-sponsored threat actor Turla, it would seem as if the group isn’t behind this particular variant, or the campaign.

The similarity between Process Manager and other Turla malware is in the fact that both use the same shared-hosting infrastructure.

TechRadar needs you!

We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.

>> Click here to start the survey in a new window

Hiding in plain sight

When installed, the Process Manager malware comes with a gear-shaped icon, to try and trick the victims into thinking the app is a core Android item. After that, it looks to obtain more than a dozen permissions, including access to the camera, the device’s location, the ability to read and send SMS messages, to read call logs and contacts, to record audio and read and write external storage. 

It’s unclear how it obtains these permissions – if it tries to trick the victim into granting them, or if it abuses the Android Accessibility service to grant itself the permissions.

This is where the differences between this threat actor and Turla begin to show. If the malware gets the permissions, it removes its icon and runs in the background. Still, the user can know the app is running, due to the permanent notification that sits in the pulldown menu.

Read more

> That Android antivirus could actually be malware

> Millions of Android phones infected with this dangerous new malware

> The android threat disrupting airwaves

The goal that the threat actor is trying to achieve with Process Manager also doesn’t befit Turla. The Russian APT is usually engaged in cyber espionage. This malware installs Dhan: Earn Wallet cash, a popular money-generating referral system app found in the Play Store. It downloads the app through the referral system, to earn commission for the attackers.

It’s also unclear how Process Manager is being distributed, but it’s mostly likely making rounds through identity theft, social engineering, and phishing sites.

If you’re looking to stay safe from threats lurking on the internet, you should consider a strong firewall

Via: BleepingComputer

You may have missed

Top Petrol Scooters in India with Largest Underseat Storage (2026)

Top Petrol Scooters in India with Largest Underseat Storage (2026)

March 8, 2026 0
5 iPhone changes you can make right away to help you sleep better

5 iPhone changes you can make right away to help you sleep better

March 7, 2026 0
Best Apple Deals of the Week: First Discounts Hit All of Apple’s New Products, Including MacBook Neo and More

Best Apple Deals of the Week: First Discounts Hit All of Apple’s New Products, Including MacBook Neo and More

March 7, 2026 0
I took over 10,000 photos on 13 different flagship phones, and here’s what I found

I took over 10,000 photos on 13 different flagship phones, and here’s what I found

March 7, 2026 0
Maharashtra Proposes Double Green Tax, Scrappage Incentives For Old Vehicles

Maharashtra Proposes Double Green Tax, Scrappage Incentives For Old Vehicles

March 7, 2026 0