“Lookout Threat Lab researchers have discovered a novel Android surveillance tool, dubbed KoSpy, which appears to target Korean and English-speaking users. The spyware, attributed with medium confidence to the North Korean APT group ScarCruft (also known as APT37), is a relatively new family with early samples going back to March 2022. The most recent samples were acquired in March 2024.
ScarCruft is a North Korean state-sponsored cyber espionage group active since 2012. While primarily targeting South Korea, it has also conducted operations in countries including Japan, Vietnam, Russia, Nepal, China, India, Romania, Kuwait, and several Middle Eastern nations.”
That’s just the most important thing here; the full report is absolutely worth a read. My recommendation is to be careful what you download, regardless of if it comes from a “trustworthy/secure source” like the Play Store or Apple’s App Store.