Chat Apps Quietly Snapping Pictures, Recording Audio - Immediate Deletion Advised
Austin JayESET researchers have identified Android apps designed to spy on users, with six found on Google Play and others on VirusTotal. Disguised as messaging or news apps, these apps secretly run a remote access trojan called VajraSpy, linked to the Patchwork APT campaign.
The primary function is extensive spying, exploiting granted permissions to steal contacts, files, call records, and text messages.
Some can access WhatsApp and Signal chats, record calls, and intercept notifications. The apps also transmit device locations and installed app names to command and control centers. Particularly concerning is their ability to capture photos and record surrounding audio.
The Google Play apps alone amassed 1,400 downloads, primarily targeting users in Pakistan and India.
Love-trap scams have taken a malicious turn as cybercriminals exploit the emotions of users through deceptive Android apps. Researchers from ESET have exposed a list of these harmful apps that primarily function as spyware, secretly collecting user data.
Six identified apps were on Google Play, while the rest were hosted on VirusTotal. The rogue apps masquerade as legitimate messaging apps, with one posing as a news app. Operating silently in the background, they execute remote access trojan (RAT) code, specifically the VajraSpy, linked to the Patchwork APT campaign.
These apps, designed to target users primarily in Pakistan and India, have alarming capabilities. They can steal contacts, files, call records, text messages, and even access WhatsApp and Signal chats. Some apps record phone calls and intercept notifications. The most concerning aspect is their ability to capture photos of victims and record surrounding audio.
The cybercriminals behind these apps deploy a honey-trap or love-trap strategy, enticing victims with romantic interest to convince them to download the malicious apps.
On Google Play, the apps were downloaded 1,400 times before being removed. The listed apps on VirusTotal include YohooTalk, TikTalk, Hello Cha, Nidus, GlowChat, and Wave Chat. It is crucial for users to promptly delete these apps for their safety, even after removal from the official app store.
The research underscores the importance of exercising caution in online interactions and avoiding suspicious messaging apps to safeguard personal information and privacy.
Also Read: WhatsApp Boosts Experience: Share Original-Quality Photos, Videos
Among its components, secure messaging includes some of the most critical components, which are end-to-end encryption, synchronization across devices, and multi-mode messaging.
With end-to-end encryption, only negotiating sides can access the messages, as it is done in a completely private mode. Multiple-mode communication provides greater versatility because users can send SMS, videos, and audio messages via the platform. The availability of cross-support platforms enables synchronization of the messages sent using the mobile, web, and desktop interfaces with additional data privacy mechanisms.
Among the best secure messaging apps:
These apps prioritize user privacy, providing a secure messaging experience based on individual preferences and communication needs.
Related Article: Meta To End Cross-Platform Messaging: Instagram And Facebook Link Discontinued
most read
related stories
more stories from News
Discover the key features and security enhancements of Apple's iOS 17.5 update.
ernest hamiltonDiscover top iPhone apps that let you earn real money by playing games, scanning receipts, and staying active.
ernest hamiltonSamsung has reached a remarkable milestone, shipping nearly 3 billion smartphones since 2014. Discover how the tech giant's decade-long dominance and innovative advancements have solidified its leadership in the global smartphone market.
ernest hamiltonLearn about Apple's settlement in the class-action lawsuit over iPhone 7 audio issues, offering up to $349 compensation for eligible users. Dive into the details and implications of this landmark agreement.
ernest hamiltonThousands of Apple users experienced a major iMessage outage on Thursday evening, impacting communication across the U.S., Canada, and the U.K. Downdetector reported over 13,000 disruptions starting at 6 p.m. ET. Stay updated with the latest developments and potential fixes.
ernest hamiltonDelve into the complexities of managing screen time for children as parents navigate between practicality and idealism.
ernest hamiltonDiscover why the Pixel 7a outperforms the new Pixel 8a in this detailed comparison. Learn about the advantages in affordability, color options, and feature parity. Read now to make an informed choice!
ernest hamiltonDiscover the future of smartphone audio with Moondrop's MIAD 01. Explore its dual audio jacks and premium DACs in this in-depth review. Ready to elevate your music experience? Read now!
ernest hamilton