A new Android malware campaign is distributing SpyNote, a remote access Trojan, via fake Google Play Store pages. Once installed, SpyNote allows attackers to access devices, steal data, track locations, and more. The malware is persistent, often requiring a factory reset to remove. Evidence hints at a China-based origin, though attribution is unconfirmed.

‍