A new Android app called LunaSpy poses as an antivirus or banking protection tool but is actually sophisticated spyware. It spreads mainly through messaging platforms like Telegram, using social engineering tactics to prompt users to grant extensive permissions by generating fake “threats found” notifications. Once granted access, LunaSpy can read text messages, extract credentials, track locations, and record audio or video. The app is distributed through links that encourage users to sideload an APK rather than downloading from the official Play Store. It requests excessive permissions that legitimate antivirus apps would not demand, making devices vulnerable to data exfiltration. Users are advised to avoid installing APKs from chat links, uninstall suspicious applications, review and revoke excessive permissions, and take steps to secure their accounts.