[ad_1]
NSO Group issued a security alert this week, again this time over the devastatingly powerful Pegasus malware deployed in Jordan to monitor journalists and activists. While this is a high-profile case that led to Apple filing a lawsuit against NSO Group, there are worlds around the world where seemingly innocuous Android apps are collecting sensitive data from ordinary people’s phones.
ESET security experts discovered at least 12 Android apps. Most of them pretend to be chat apps but are actually Trojans on phones, stealing details such as call logs and messages, controlling cameras remotely, and even using end-to-end encrypted platforms like WhatsApp. Extract chat details from .
The apps in question are YohooTalk, TikTalk, Privee Talk, MeetMe, Nidus, GlowChat, Let’s Chat, Quick Chat, Rafaqat, Chit Chat, Hello Chat, and Wave Chat. Needless to say, if you have these apps installed on your device, remove them immediately.
Notably, six of these apps are available on the Google Play Store, and the risks have increased as users flock here, trusting the security protocols put in place by Google. A remote access Trojan (RAT) named Vajra Spy is at the heart of these apps’ espionage efforts.
Chat apps that cause serious damage
“The virus steals contacts, files, call logs, and SMS messages, but some of its implementations can also extract WhatsApp and Signal messages, record calls, and take photos with the camera. ” states ESET’s discovery report.
Notably, this isn’t the first time Vajra Spy has raised alarms. In 2022, Broadcom also listed it as a variant of a remote access Trojan (RAT) that utilizes Google Cloud Storage to collect stolen data from Android users. The malware is associated with the threat group APT-Q-43, which is known to specifically target members of Pakistan’s military establishment.
VajraSpy’s apparent purpose is to collect information from infected devices and capture user data such as text messages, WhatsApp and Signal conversations, and call history. Most of these apps masqueraded as chat apps and used love-related social engineering attacks to lure their targets.
This is a recurring theme, especially considering the app’s target. In 2023, Scroll reported how cross-border spies used honey traps to lure Indian scientists and military personnel, using a combination of romance and blackmail to extract sensitive information. Even the FBI has issued a warning about digital romance scams, with White House staffers losing more than $500,000 to such traps.
In the latest case of VajraSpy deployment, the app extracts contact details, messages, list of installed apps, call logs, and local files in various formats such as .pdf, .doc, .jpeg, .mp3, etc. It’s done. more. Users with advanced features mandate the use of phone numbers, but doing so also allows him to intercept messages on secure platforms such as WhatsApp and Signal.
In addition to recording text exchanges in real time, these apps can also intercept notifications, record phone calls, log keystrokes, take photos with a camera without the victim’s knowledge, and even use microphones. It is possible that your computer may be hijacked and your audio recorded. Again, the latter is not surprising.
We recently reported that bad actors are abusing mobile phone push notifications and selling that data to government agencies, but security experts say the only surefire way to stop this is to told Digital Trends that the solution is to disable notification access for the app.
Editor’s picks
[ad_2]
Source link
