The fully decompiled code and assets of 421and.apk can be found here: FinSpyMobileAndroid-decompiled.zip (no password).
This particular APK, although not the latest, is not obfuscated and easily reveals most capabilities of the malware:
- Location tracker
- Information stealer (calendar, contact list, text messages, Whatsapp databases, etc.)
- Remotely controlled through encrypted communication over SMS and data
A great recap of the full story can be read on Netzpolitik. Real time updates are on Twitter.
One thought on “FinFisher FinSpy Mobile app for Android decompiled”