Experts from Lookout warn against new wave of malware (or surveillanceware to be more precise) attacks directed at users using Android devices.

Monokle is operated remotely by another application. The malware is able to register user actions, such as key input, capture photos, videos, browser history, and worse, user’s PIN, pattern or password.

The malware is hidden in applications that pretend to be popular apps for Android.

The creation of Monokle was facilitated by a Russian company called STC, which manufactures drones and other equipment for the Russian military. Lookout claims that the malware is directed at people associated with rebel forces in Syria, which can be confirmed by the fact that one of the fake apps was Ahrar Maps.