After installation, the internet radio component is fully functional, playing a stream of Balouchi music.
SpyHuman Monitoring App
However, the added malicious functionality enables the app to steal contacts, harvest files stored on the device and send SMS messages from the affected device. Functionality for stealing SMS messages stored on the device is also present. As AhMyth has more variants whose functionalities vary, the Radio Balouch app and any other malware based on this open-source espionage tool might get further functions in the future via an update.
After launch, users choose their preferred language English or Farsi ; in the next step, the app starts requesting permissions. First, it requests access to files on the device, which is a legitimate permission for a radio app to enable its functionality; if declined, the radio would not work. Then, the app requests the permission to access contacts. Here, to camouflage its request for this permission, it suggests this functionality is necessary should the user decide to share the app with friends in their contact list.
If the user declines to grant the contact permissions, the app will work regardless.