Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Threats Trojan-Spy AndroidOS

Trojan-Spy.AndroidOS.SpyNote.al

Update Date
02/12/2024

Class: Trojan-Spy

Trojan-Spy programs are used to spy on a user’s actions (to track data entered by keyboard, make screen shots, retrieve a list of running applications, etc.) The harvested information is then transmitted to the malicious user controlling the Trojan. Email, FTP, the web (including data in a request) and other methods can be used to transmit the data.

Read more

Platform: AndroidOS

Android is an open-source operating system developed by Google for mobile devices, such as tablets, smartphones, and watches. Based on a Linux kernel and the Dalvik virtual machine (older versions) / Android Runtime environment (newer versions).

Family: Trojan-Spy.AndroidOS.SpyNote.al

No family description

Examples

F393713C33DAFEEA2516C415717C9C51
91FEA7F6D27836D598899B7C20AA3AE8
8D14C9B3862F793D3CBD46BE9E1746AA
5001FB97E8F807B411783FAE9C2B7764
348C1DE3AD388E906E3FAB40AE5B2612

Tactics and Techniques: Mitre*

TA0005
Defense Evasion

Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches (dir /a for Windows and ls –a for Linux and macOS).


T1564.001
Hidden Files and Directories

Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches (dir /a for Windows and ls –a for Linux and macOS).


* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
19 September 2025
Securelist
Threat landscape for industrial automation systems in Q2 2025
16 September 2025
Securelist
RevengeHotels: a new wave of attacks leveraging LLMs and VenomRAT
15 September 2025
Securelist
Shiny tools, shallow checks: how the AI hype opens the door to malicious MCP servers
10 September 2025
Securelist
Notes of cyber inspector: three clusters of threat in cyberspace
05 September 2025
Securelist
IT threat evolution in Q2 2025. Mobile statistics
05 September 2025
Securelist
IT threat evolution in Q2 2025. Non-mobile statistics
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Threat
Confirm changes?
Your message has been sent successfully.