A new malware campaign targeting millions of Android users has been discovered by security researchers at Kaspersky. The “LumaSpy” spyware masquerades as a legitimate antivirus or banking security tool to trick users into installing it. Once installed, the malware gains access to sensitive information, including camera and microphone recordings, texts, contacts, location data, and even passwords stored in browsers like Google Chrome.
To protect themselves, Android users are advised to be cautious when receiving messages with APK files from unknown sources, disabling the ability to install unknown apps, and regularly checking app permissions. It is also recommended to delete all non-mainstream security software and use a reputable password manager instead.
The simplest way to avoid falling victim to this threat is to stop using any unverified security or antivirus software altogether. Users should delete all such apps from their phones and opt for paid, mainstream alternatives to ensure their device’s security.
Source: https://www.forbes.com/sites/zakdoffman/2025/08/11/new-android-spyware-warning-stop-using-all-these-apps-now