A targeted mobile spyware campaign deployed a fraudulentAndroid “dating” app to lure victims and install persistent surveillance malware. Distributed through social media and messaging links, the fake app requests extensive permissions, such as access to SMS, contacts, and media, that allow the spyware to exfiltrate messages, location data, and credentials once granted. The operation illustrates how social engineering remains a core vector for mobile compromise: attackers exploit user trust in benign app categories to embed advanced monitoring code. As mobile devices routinely store personal and work data, the findings reinforce the importance of cautious app sourcing and vigilant permission management.