Program.SnoopPhone
Program.SnoopPhone is an Android monitoring application classified by Dr.Web as a potentially unwanted surveillance tool. According to the provided content, it is designed to monitor Android device owners and allows intruders to read SMS messages, collect call information, track device location, and record the device’s surroundings. The content does not provide additional high-confidence details on specific infection vectors, distribution methods, associated threat actors, targeted industries, or indicators of compromise beyond these surveillance capabilities.
Hunt this family in your stack
Mallory pivots from this family to the IOCs, detections, and named campaigns that touch your stack, and pages you when something new lands.
Recent activity
2 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Monitoring/stalkerware app enabling SMS access, call data collection, location tracking, and ambient recording.
Monitoring/spying app enabling SMS access, call log collection, location tracking, and ambient recording.
The version that knows your environment.
Match every observed IP, domain, and hash against your live telemetry.
Named campaigns wielding this family, with evidence pinned to each claim.
CVEs this family uses for access and lateral movement.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Every documented technique, ranked by evidence weight.
Reddit, Mastodon, and CTI community discussion around this family.