Chat Apps Quietly Snapping Pictures, Recording Audio - Immediate Deletion Advised
Austin JayESET researchers have identified Android apps designed to spy on users, with six found on Google Play and others on VirusTotal. Disguised as messaging or news apps, these apps secretly run a remote access trojan called VajraSpy, linked to the Patchwork APT campaign.
The primary function is extensive spying, exploiting granted permissions to steal contacts, files, call records, and text messages.
Some can access WhatsApp and Signal chats, record calls, and intercept notifications. The apps also transmit device locations and installed app names to command and control centers. Particularly concerning is their ability to capture photos and record surrounding audio.
The Google Play apps alone amassed 1,400 downloads, primarily targeting users in Pakistan and India.
Love-trap scams have taken a malicious turn as cybercriminals exploit the emotions of users through deceptive Android apps. Researchers from ESET have exposed a list of these harmful apps that primarily function as spyware, secretly collecting user data.
Six identified apps were on Google Play, while the rest were hosted on VirusTotal. The rogue apps masquerade as legitimate messaging apps, with one posing as a news app. Operating silently in the background, they execute remote access trojan (RAT) code, specifically the VajraSpy, linked to the Patchwork APT campaign.
These apps, designed to target users primarily in Pakistan and India, have alarming capabilities. They can steal contacts, files, call records, text messages, and even access WhatsApp and Signal chats. Some apps record phone calls and intercept notifications. The most concerning aspect is their ability to capture photos of victims and record surrounding audio.
The cybercriminals behind these apps deploy a honey-trap or love-trap strategy, enticing victims with romantic interest to convince them to download the malicious apps.
On Google Play, the apps were downloaded 1,400 times before being removed. The listed apps on VirusTotal include YohooTalk, TikTalk, Hello Cha, Nidus, GlowChat, and Wave Chat. It is crucial for users to promptly delete these apps for their safety, even after removal from the official app store.
The research underscores the importance of exercising caution in online interactions and avoiding suspicious messaging apps to safeguard personal information and privacy.
Also Read: WhatsApp Boosts Experience: Share Original-Quality Photos, Videos
Among its components, secure messaging includes some of the most critical components, which are end-to-end encryption, synchronization across devices, and multi-mode messaging.
With end-to-end encryption, only negotiating sides can access the messages, as it is done in a completely private mode. Multiple-mode communication provides greater versatility because users can send SMS, videos, and audio messages via the platform. The availability of cross-support platforms enables synchronization of the messages sent using the mobile, web, and desktop interfaces with additional data privacy mechanisms.
Among the best secure messaging apps:
These apps prioritize user privacy, providing a secure messaging experience based on individual preferences and communication needs.
Related Article: Meta To End Cross-Platform Messaging: Instagram And Facebook Link Discontinued
most read
related stories
more stories from News
Discover innovative post ideas and expert tips to engage your audience and drive sales. Read now and make this Mother's Day unforgettable!
ernest hamiltonUnveiling OnePlus' controversial move! Are they really sneaking unwanted apps onto their latest flagship phones? Read now for all the details about this bloatware!"
ernest hamiltonDiscover the ultimate arsenal of digital tools for modern moms! Explore this curated list of 10 essential smartphone apps designed to simplify parenting tasks, organizing schedules, tracking developmental milestones and discovering family-friendly activities.
ernest hamiltonDiscover the latest Google Pixel update! Get the scoop on security, stability, and build numbers. Don't miss out, read now to know how you can elevate your Pixel experience.
ernest hamiltonKnow the latest on TikTok's battle against misogyny and harassment as Tobias Henning leaves the company. Read the story now.
ernest hamiltonStay updated! Google Messages Beta introduces a fresh Gallery Picker UI. Explore it now for enhanced messaging experience.
ernest hamiltonExciting news! Samsung has begun developing One UI 7.0 Beta, based on Android 15, for the Galaxy S24 series. Stay tuned for the latest updates.
ernest hamiltonStay tuned for Pixel 8a's first update, introducing Google's AI Wallpaper Generator! Don't miss out on this exciting feature.
ernest hamilton