Chat Apps Quietly Snapping Pictures, Recording Audio - Immediate Deletion Advised
Austin JayESET researchers have identified Android apps designed to spy on users, with six found on Google Play and others on VirusTotal. Disguised as messaging or news apps, these apps secretly run a remote access trojan called VajraSpy, linked to the Patchwork APT campaign.
The primary function is extensive spying, exploiting granted permissions to steal contacts, files, call records, and text messages.
Some can access WhatsApp and Signal chats, record calls, and intercept notifications. The apps also transmit device locations and installed app names to command and control centers. Particularly concerning is their ability to capture photos and record surrounding audio.
The Google Play apps alone amassed 1,400 downloads, primarily targeting users in Pakistan and India.
Love-trap scams have taken a malicious turn as cybercriminals exploit the emotions of users through deceptive Android apps. Researchers from ESET have exposed a list of these harmful apps that primarily function as spyware, secretly collecting user data.
Six identified apps were on Google Play, while the rest were hosted on VirusTotal. The rogue apps masquerade as legitimate messaging apps, with one posing as a news app. Operating silently in the background, they execute remote access trojan (RAT) code, specifically the VajraSpy, linked to the Patchwork APT campaign.
These apps, designed to target users primarily in Pakistan and India, have alarming capabilities. They can steal contacts, files, call records, text messages, and even access WhatsApp and Signal chats. Some apps record phone calls and intercept notifications. The most concerning aspect is their ability to capture photos of victims and record surrounding audio.
The cybercriminals behind these apps deploy a honey-trap or love-trap strategy, enticing victims with romantic interest to convince them to download the malicious apps.
On Google Play, the apps were downloaded 1,400 times before being removed. The listed apps on VirusTotal include YohooTalk, TikTalk, Hello Cha, Nidus, GlowChat, and Wave Chat. It is crucial for users to promptly delete these apps for their safety, even after removal from the official app store.
The research underscores the importance of exercising caution in online interactions and avoiding suspicious messaging apps to safeguard personal information and privacy.
Also Read: WhatsApp Boosts Experience: Share Original-Quality Photos, Videos
Among its components, secure messaging includes some of the most critical components, which are end-to-end encryption, synchronization across devices, and multi-mode messaging.
With end-to-end encryption, only negotiating sides can access the messages, as it is done in a completely private mode. Multiple-mode communication provides greater versatility because users can send SMS, videos, and audio messages via the platform. The availability of cross-support platforms enables synchronization of the messages sent using the mobile, web, and desktop interfaces with additional data privacy mechanisms.
Among the best secure messaging apps:
These apps prioritize user privacy, providing a secure messaging experience based on individual preferences and communication needs.
Related Article: Meta To End Cross-Platform Messaging: Instagram And Facebook Link Discontinued
most read
related stories
more stories from News
Get the scoop on iPhone 17 rumors: from a 'Slim' version to a revamped Dynamic Island, explore the possibilities!
ernest hamiltonExperience AI-enhanced One UI 6.1 on your Galaxy Z Fold 4. Upgrade now for smarter interactions and enhanced user experience!
ernest hamiltonBumble's dynamic shift: Women no longer need to make the first move. Explore automated conversation starters and new dynamics!
ernest hamiltonDiscover the latest leaked specs for the Sony Xperia 1 VI, including cameras, chipset, and battery details. Stay updated!
ernest hamiltonThe Rabbit R1 appears to be just an Android app, despite earlier speculations. Read more about Rabbit's denial.
ernest hamiltonGoogle introduces a playful twist to calls with audio emojis, including a fart button. Discover the fun!
ernest hamiltonDiscover how Apple's Safari AI upgrade is revolutionizing browsing. Click to stay ahead with the latest tech insights!
ernest hamiltonStay updated on Apple's efforts to fix iPhone alarm silence bug. Read more for the latest on this critical issue!
ernest hamilton