In a startling revelation, cybersecurity researchers at ESET have identified a cluster of 12 Android apps, including 11 messaging applications and one news app, involved in stealing user data. Employing a Remote Access Trojan (RAT) code named VajraSpy, these malicious apps have infiltrated smartphones, jeopardizing user privacy on an alarming scale.
Data Compromised: Once downloaded, these apps, equipped with the VajraSpy Trojan, gain unauthorized access to users’ smartphones, compromising a plethora of sensitive information. This includes contacts, files, call logs, SMS, and even WhatsApp messages. Some of the apps take the invasion further by recording phone calls and clandestinely accessing the phone’s camera, all without the user’s knowledge.
Modus Operandi: Exploiting app permissions, these malicious apps operate discreetly, saving copies of users’ messages without their consent. The breach of user privacy is especially concerning in regions where these apps were highly popular, such as India and Pakistan.
Google’s Action: Upon discovery, Google has promptly removed these malicious apps from the Play Store. However, users who have previously downloaded any of these apps are advised to manually uninstall them to mitigate potential risks to their data and privacy.
List of Apps:
- Hello Chat
- Chit Chat
- Meet Me
- Nidus
- Tik Talk
- Wave Chat
- Prive Talk
- Glow Glow
- Let’s Chat
- Quick Chat
- Yoho Talk
- Rafaqat News
Rafaqat News: Among the affected apps, the news app “Rafaqat News” is also flagged for potential data compromise.
As a precautionary measure, users are urged to remain vigilant, routinely review app permissions, and uninstall any suspicious applications. Ensuring the security and privacy of personal data should be a top priority in the face of such cybersecurity threats.