Monokle is not to be mistaken with the gentelman's fine eye-piece

OH THOSE NAUGHTY RUSSIANS AND THEIR SNOOPING! The Ruskies have been fingered by cybersecurity firm Lookout for creating and spreading highly-targeted Android spyware lurking behind legit PornHub and Google apps.

Lookout noted the spyware was some of the most advanced and fully-featured it has seen out in the wild, and the researchers dubbed the toolset 'Monokle.'

The toolset appears to have been developed by the Sr. Petersburg-based Special Technology Centre (STC), which had US sanctions levied against it from the Obama administration after it was found to have supported the Main Intelligence Directorate (GRU) in fiddling with the US Presidential elections of 2016.

So STC has a less than savoury reputation in the West, and with Monokle it doesn't look like it's going to win any goodwill.

As for Monokle, the spyware uses its sophisticated capabilities to carry out all manner of surveillance and data exfiltration, from recording calls to resetting a target's pincode and sending text messages to a targeted number.

And thanks to the ability to modify the Android trusted certificates, it can use a command and control network to communicate over a variety of connections, from Internet TCP ports to phone calls, meaning it can still carry out surveillance without an internet connection.

"Monokle makes extensive use of Android accessibility services to exfiltrate data from third-party applications by reading text displayed on a device's screen at any point in time," said the researches.

Potentially drawing inspiration from Russian dolls, the spyware makes use of trojanised apps, including Skype, Evernote, and the Google Play Store, which uses the same icons and offer the functionality found in the legit apps, in order to hide the spyware.

This is some dodgy stuff, and a tad concerning is there's no clear idea on how the malware was distributed. And there's also hints in the commands and data transfer objects in Monokle that suggests an iOS version exists or is in the works.

But before you boot your Android phone out into the blistering British heat, it's worth noting that Monokle has been aimed at targets in the Caucasus region, which includes Georgia, Armenia and Azerbaijan, as well as targets in Syria. Monokle activity has been recorded in short bursts, which all points towards it being targeted at specific victims rather than widespread Ruskie surveillance.

Lookout's report has plenty of info in it as to what to look out for if you're thinking you might be under Russian surveillance. But the average Chris or Carly isn't likely to be targeted.

The researchers believe the likely targets were folks interested in Islam, associated with or living the Caucasus region, in the "UzbekChat" messaging app that nods towards the nation of Uzbekistan, a former part of Soviet Russia, and in the Ahrar al-Sham militant group that's currently fighting against the Syrian government.

Going by the research, it looks like the Russian government is keen to keep tabs on folks that might have conflicting views with the stuff it's got involved in, not least the support of Bashar al-Assad's rule in Syria.

While you might not be directly targeted, this is slightly worrying stuff as it shows how spyware can hide behind legitimate apps.

Imagine tapping on the PornHub app to indulge in a bout of sexual self-maintenance, and instead opening yourself up to some nasty snooping, especially as in the case of Monokle, your phone could be made to snap pics and record videos. µ