Anybody who hasn’t installed a security solution on the smartphone they received for Christmas might want to do so post-haste.

Kaspersky Lab researchers have discovered multi-stage spyware it calls Skygofree that could give a cybercriminal full control of an infected device.

The first version of the malicious software is said to have been created in 2014 but has since been upgraded to include the ability to eavesdrop on conversations.

Skygofree is also able to take photos and videos, seize call records, calendar events. Simply put if Skygofree makes its way onto your handset everything can – and likely will – become the property of the attacker.

“Other advanced, unseen features include using Accessibility Services to steal WhatsApp messages and the ability to connect an infected device to Wi-Fi networks controlled by the attackers,” says Kaspersky Lab.

The spyware is said to be spread through spoofed mobile network operator webpages. Many of the spoofed pages were created in 2015 when the Skygofree campaign was at its peak but another domain was registered in October 2017.

Kaspersky Lab notes that the creators of the malware may be an Italian IT company. The attackers also appear to be training their sights on Windows users as well with a number of recently developed modules targeting the Microsoft operating system.

The advice for users is to both install a security solution on their smartphone and be wary of clicking links especially from a network provider.

If you are in doubt it’s best to contact your network operator to verify the authenticity of any message you receive.

It might seem like a pain but then again so is having your entire life at the fingertips of a criminal.

[Image – CC 0 Pixabay]