LunaSpy Disguises as Antivirus, Targets Android Devices

26 Aug 2025

A new spyware threat named LunaSpy has been identified by security researchers, posing significant risks to Android users. This sophisticated spyware disguises itself as an antivirus or banking protection application, primarily spreading through messaging platforms such as Telegram. Once installed, it conducts fake scans and delivers alarming warning messages about supposed threats. Under the guise of 'fixing' these fabricated issues, LunaSpy requests expansive permissions.

Leveraging social engineering, the spyware capitalizes on users' urgency and fear, prompting them to grant extensive and risky permissions. Once users accept these permissions, including accessibility, notification, and device admin access, LunaSpy can undertake a sweeping exfiltration of sensitive data. This includes reading text messages, extracting credentials from browsers and messaging apps, tracking the user's location, and even recording audio and video. Reports suggest that the harvested data is channeled to a vast network, comprising approximately 150 servers.

A distinctive feature of this malicious application is that it often requires users to sideload an APK file received through a chat link, usually sent from a contact whose account has been compromised. Upon clicking on these links, users initiate the installation of LunaSpy, which then sets about exfiltrating logs, credentials, media, and sensor data from the device.

Protection and Prevention

Users can take several measures to defend against LunaSpy and similar threats. It is imperative not to install APKs from chat links. Instead, only download applications from reputable vendors available on the Google Play Store. If an application resembling LunaSpy has already been installed, users are advised to uninstall it immediately, thoroughly review and revoke any excessive permissions such as accessibility and notification access, and update their Google Play Protect settings.

To further enhance security, running a complete scan, resetting passwords, and enabling two-factor authentication are recommended. In cases of suspected persistent compromise, backing up data and performing a factory reset, followed by restoring only trusted applications from the Play Store, is advised.

The emergence of LunaSpy serves as a broader cautionary tale: users must remain skeptical of unsolicited, urgent messages and unexpected downloads. Legitimate security tools typically do not manipulate users through fear into granting extensive permissions nor arrive unexpectedly via chat. By understanding the discrepancy between how genuine security products should operate versus how LunaSpy behaves, users can avoid falling prey to such manipulative tactics.

Top charts for Mobile Android

uTorrent

uTorrent

Latest update uTorrent download for free for Windows PC or Android mobile

5
1032 reviews
5585030
downloads
Zona

Zona

Latest update Zona download for free for Windows PC or Android mobile

4
614 reviews
994198
downloads
Minecraft

Minecraft

Latest update Minecraft download for free for Windows PC or Android mobile

5
750 reviews
438483
downloads
Geometry Dash

Geometry Dash

Latest update Geometry Dash download for free for Windows PC or Android mobile

4
539 reviews
365060
downloads

News and reviews for Mobile Android

Google Play Games to Undergo Changes in 2025 Update

Play Games reshapes with new profiles featuring stats and milestones. Google collects game data to enhance user experience. While optional, users must delete accounts to opt out.

Read more

Play Store Updates App Restore for Easier Device Setup

Play Store distinguishes restored apps in Downloads list setup. This tweak, observed on the Pixel 10 Pro XL, aims to simplify transfers and reduce setup stress.

Read more

Google Tightens Sideloading Rules for App Developers

Google will mandate identity verification for sideloading apps on Android devices in select regions by 2026, aiming to reduce malicious activities while affecting third-party app stores.

Read more

Latest Android Deals: Apps, Games and Google Pixel Offers

Discover the latest Android app and game deals alongside exciting pre-order offers for the new Google Pixel 10 lineup.

Read more

Russia's Max Aims to Redefine Digital Communication Landscape

Russia's Max app, developed by VK, emerges as a patriotic alternative for communication, transactions, and services amid security and privacy concerns.

Read more

Destiny Rising Extends Epic Gameplay Beyond Consoles

Destiny Rising launches worldwide, blending classic Destiny elements with new features. The mobile game, licensed by Bungie, offers single-player, co-op, and competitive modes, redefining the sci-fi RPG experience with fresh content and extensive multiplayer options.

Read more

Google Introduces Auto-Open Feature in Play Store Apps

Google's Auto-open feature allows apps to launch automatically post-installation. Pixel devices receive this update first, with a countdown for user convenience.

Read more

Google Phases Out Sideloading for Enhanced Security Measures

Google has announced the end of sideloading on Android, aiming to enhance security by requiring app developer verification, aligning more closely with iOS practices.

Read more

Destiny Rising Unveiled: A Fresh Mobile RPG Experience

Destiny Rising, the new mobile RPG spinoff by Bungie and NetEase, offers engaging gameplay with familiar characters and modern features like player housing.

Read more

Developer Verification Set to Enhance Android App Security

Google's new app verification process will require developer registration for Android apps, aiming to enhance security by reducing malware and spam, while allowing continued sideloading and app store choice.

Read more