
ESET researchers have identified Android apps designed to spy on users, with six found on Google Play and others on VirusTotal. Disguised as messaging or news apps, these apps secretly run a remote access trojan called VajraSpy, linked to the Patchwork APT campaign.

Their primary function is extensive spying: the apps abuse the permissions users grant them to steal contacts, files, call records, and text messages.

Some can access WhatsApp and Signal chats, record calls, and intercept notifications. The apps also transmit device locations and the names of installed apps to command-and-control servers. Particularly concerning is their ability to capture photos and record surrounding audio.

The Google Play apps alone amassed 1,400 downloads, primarily targeting users in Pakistan and India.

Android Apps Exploiting Love-Trap Scams Unveiled by ESET

Love-trap scams have taken a malicious turn as cybercriminals exploit the emotions of users through deceptive Android apps. Researchers from ESET have exposed a list of these harmful apps that primarily function as spyware, secretly collecting user data.

Six of the identified apps were on Google Play, while the rest were found on VirusTotal. The rogue apps masquerade as legitimate messaging apps, with one posing as a news app. Operating silently in the background, they execute remote access trojan (RAT) code, specifically VajraSpy, which is linked to the Patchwork APT campaign.

These apps, designed to target users primarily in Pakistan and India, have alarming capabilities. They can steal contacts, files, call records, text messages, and even access WhatsApp and Signal chats. Some apps record phone calls and intercept notifications. The most concerning aspect is their ability to capture photos of victims and record surrounding audio.

The cybercriminals behind these apps deploy a honey-trap or love-trap strategy, feigning romantic interest to convince victims to download the malicious apps.

On Google Play, the apps were downloaded 1,400 times before being removed. The listed apps on VirusTotal include YohooTalk, TikTalk, Hello Cha, Nidus, GlowChat, and Wave Chat. It is crucial for users to promptly delete these apps for their safety, even after removal from the official app store.

The research underscores the importance of exercising caution in online interactions and avoiding suspicious messaging apps to safeguard personal information and privacy.

Choosing a Secure Messaging App: Key Features and Options

The most critical components of secure messaging are end-to-end encryption, synchronization across devices, and multi-mode messaging.

With end-to-end encryption, only the communicating parties can access the messages, so the conversation stays completely private. Multi-mode communication provides greater versatility because users can send SMS, videos, and audio messages via the platform. Cross-platform support enables synchronization of messages sent from the mobile, web, and desktop interfaces, with additional data privacy mechanisms.

Among the best secure messaging apps:

  • Signal Private Messenger stands out for its open-source protocol and self-destructing messages, while Wire offers conferencing and timed conversations.
  • Threema prioritizes privacy with features like anonymous chat and QR code verification.
  • Telegram provides self-destructing messages and distributed servers, ensuring security.
  • Pryvate Excel has remote wipe functionality and auto-delete messages.
  • Wickr Me allows for secure screen sharing, and Silence prevents screen-shotting, ensuring privacy.
  • iMessage offers end-to-end encryption and message control features.
  • Line, developed after a natural disaster, emphasizes end-to-end encryption and additional features like Letter Sealing.

These apps prioritize user privacy, providing a secure messaging experience based on individual preferences and communication needs.

© Copyright 2024 Mobile & Apps, All rights reserved. Do not reproduce without permission.