KoSpy targets apps that are in Korean and English. It infiltrated Google Play as an app called "File Manager - Android." Google has since removed the app, which only attracted about 10 downloads.

Cybersecurity researchers at Lookout have discovered KoSpy, a sophisticated Android spyware linked to North Korea that has managed to infiltrate the Google Play Store. The malware is attributed to ...

Lookout Threat Lab researchers discovered the spyware, dubbed KoSpy, attributing it with medium confidence to North Korean APT group ScarCruft, also known as APT37.