A new targeted surveillance app has been found and booted from Google Play. The app, named Dardesh, posed as a chat application and acted as a downloader for a second app that could spy on users.
The Dardesh app was spotted and analyzed by Lookout researchers, who dubbed the malware family Desert Scorpion.
How was the app delivered to targets?
The malicious Dardesh chat app was apparently downloaded and installed by over a hundred users, after having been promoted via a long-running Facebook profile that posted the link to the app located on Google Play.