Why you need to remove these apps from your Android phone now

This is the latest warning against malicious apps in both Google’s Play Store and third-party Android app stores that are riddled with “Users beware” patches.

The VajraSpy remote access Trojan (RAT) was identified by ESET’s research team, which identified “12 Android spy apps that share the same malicious code,” six of which were found to be unresponsive despite defensive measures. “It was available on Google Play.”

More from ForbesGoogle suddenly issues update warning to Samsung Galaxy usersby Zach Doffman

ESET believes that the RAT is from the Asian Patchwork APT group. According to the team, these apps were “advertised as messaging tools, apart from masquerading as news apps. “It has a spy function.” It steals contacts, files, call records, SMS messages, and some of its implementations can also extract WhatsApp and Signal messages, record calls, and take photos. ”

There were very few installs from the Play Store, mostly limited to Asia, but it’s unclear how many apps were downloaded from third-party stores. While Google’s official store is much safer than alternative stores, the fact that these apps sneaked into the Play Store in the first place is cause for concern.

These apps appear to be more targeted than other recent malware alerts. Users were often sent links through chat apps under the guise of online romance. However, the app is also available in the store and can be installed by anyone.

Other recently released malware-laden apps have been downloaded millions of times. A complete list of dangerous apps can be found below.

This is the third such warning for Android in recent weeks, following reports from SpyLoan and Xamalicious. And this matches the current headlines about app store security. Apple has repeatedly opposed opening up its ecosystem to third-party stores for security reasons. It is currently forced to do so by Europe’s Digital Markets Act (DMA). Stories like this don’t bring much comfort.

In response to ESET’s report, Google clarified that it “takes security and privacy complaints against apps seriously” and confirmed that “all reported apps are no longer on Google Play” and that Google Play Protect is Android devices with Google Play Services, which “can alert apps,” are known to exhibit this malicious behavior, even if those apps come from sources other than Play. ”

Users should check out the SpyLoan and Xamalicious apps, as well as VajraSpy. All of these are explained in detail below. You should also look for so-called “copycat apps” hidden on your phone. All of these apps have been removed from the Play Store, but some are still publicly available and will not be automatically removed.

Vajra Spy:

1. hello chat
2. chatting
3. let’s meet
4. Nidas
5. Rafa Cut News
6. tick talk
7. wave chat
8. private talk
9. glow glow
10. Let’s chat
11. Nionio
12. quick chat
13. Yahoo Talk

Zamaricious:

1. Essential horoscope for Android
2. 3D Skin Editor for PE Minecraft
3. logo maker pro
4. autoclick repeater
5. Count easy calorie calculator
6. volume extender
7. letter link
8. Numerology: Personal horoscope and number predictions
9. Step Keeper: Easy pedometer
10. track your sleep
11. volume booster
12. Astrology Navigator: Daily Horoscopes and Tarot
13. universal calculator

Spy loan:

1. AA credits
2. Amor Cash
3. guayaba cash
4. easy credit
5. Kashwau
6. credit bus
7. flash loan
8. prestamos credit
9. Prestamos De Credito-YumiCash
10. use credit
11. instant prestamo
12. Karterra Grande
13. rapid credit
14. Finp Lending
15. 4S cache
16. true naira
17. easy cash

As I’ve said repeatedly, the dangers of sideloading will be heavily debated through 2024, with Apple’s changes in the iOS 17 update, and ahead of the iOS 18 update in the fall.

As Apple begins to move beyond App Store exclusivity, more attention will be focused on the vulnerabilities of the Android ecosystem, where finding the right balance between choice and risk is proving impossible. I think that may be the case.

More from ForbesNew Google release rolls out AI upgrades for Messages usersby Zach Doffman

In addition to being wary of unofficial app stores, ESET strongly recommends not installing apps via links sent through chat apps. “Cybercriminals use social engineering as a powerful weapon. We strongly recommend that you do not click on links sent in chat conversations that download applications.”

I would go further and recommend that you don’t download it casually. Any You cannot install an app on your phone unless you are confident in its origin and developer. Once an app is installed and permission abuses are rampant, they can potentially gain access to everything on your device, the keys to your private life.

In the meantime, you might want to check your phone for any of the 40+ apps listed above and start deleting the casual apps you’ve collected over the years that you no longer use. Especially at this time, this is good practice and housekeeping is recommended.

follow me twitter Or LinkedIn.