Law enforcement agencies across Europe have conducted a major crackdown and arrested users of DroidJack malware.
Officials raided several properties in the UK, Germany, France, Belgium and Switzerland.
The Android focused malware is a remote access Trojan that is sold online for £137 and is used by criminals to spy on smartphone data traffic, snoop on phone conversations, hijack a phone’s camera, and also take control of Android smartphones.
DroidJack has features similar to Android remote administration tool (RAT) and allows hackers to get IMEI number, Wi-Fi MAC address, cellphone carrier details, and last GPS location check in. The hackers can listen to live or record audio from the device’s microphone.
European Union’s law enforcement agency Europol said that the crackdown was extended to the US.
The agency supported the investigation by providing analytical support and information exchange in the framework of the Joint Cybercrime Action Taskforce.
BBC cited Symantec principal security response manager Peter Coogan as saying: "It can track a user’s every move without their knowledge.
"There was a documented case back in 2014. I think where it was being sent out via spam email and pretending to be a bank.
"It is likely at that time that they were trying to steal banking details off the phone."