ESET has released a report, stating that 12 Android apps are targeting users for espionage in India and Pakistan. Apps found a uniform Vajraspy malware, which executes the RAT code and steal the device’s contacts, files, call logs and SMS. Not only this, the report also states that some of these apps can record phone calls and take pictures from the camera along with stealing the message of WhatsApp and Sign Platform.
While ESET telemetry data detected only about them from Malaysia, the company believes that they were only casual and not the real goals of the campaign, but their main targets are Android smartphone users in India and Pakistan.
ESET says that “we believe the victims were contacted through a honey-trap romance scam, where the campaign operators pretended romantic and/or sexually interest in their goals on the second platform and then convinced them to download these traveled apps.”
While 12 of these apps were on Google Play Games Collect, others (XAMALICIOUS) are on the third-party app store. Although Google has removed all apps, but if a user has already installed them on their device, he will have to remove them by himself.
The names of these 12 apps are as follows:- Meet Me, Prive Communicate, Nidus, Flow Chat, Yoho Communicate, Rafaqat Information, Tik Communicate, Shall We Chat, Sparkle Sparkle, Fast Chhat, Nionio, Hi Cat, Hi Chat, Chhat Cat
At the same time, xamalicious apps are as follows:- Monitor Your Vacation, Auto Click on Repeater, Numerology: Non-Public Horoscope & Quantity Predictions, Common Calculator, Common Calculator, Brand Maker Professional, VERAND MAKER POFESINAL, Horoscope for Android, 3-D Pores and Skin Writer for Pe Minecraft, Letterlink, Step Keeper: Simple Pedometer, Astrogical Navigator: Day-to-day Horoscope & Tarot, Rely Simple Calorie Calculator, Pitch Quantity Booster, Pitch Quantity Extender
