Security experts at ESET have uncovered a series of Android applications capable of commandeering your device to surreptitiously record audio and undertake other malicious activities. Users are advised to remove these apps without delay.
This discovery stems from a cyberespionage effort that utilized Google Play to spread six of these harmful apps, while the remaining six were disseminated through alternative methods, leading to their installation.
The scheme operates under the guise of romantic enticements, where perpetrators initially engage with potential victims through platforms like Facebook Messenger or WhatsApp. They then coax the individuals into downloading another messaging app, which is segmented into three categories.
Apps within the first category, laced with standard messaging functionalities, solicit personal contact details from users, such as phone numbers. Regardless of the success in creating an account, the VajraSpy Trojan embedded within operates clandestinely to pilfer contacts, text messages, call logs, device location, installed apps, and specific file types.
The second category includes apps that harness device accessibility features to capture communications on WhatsApp and Signal, allowing eavesdropping on conversations and snagging notifications. Notably, one app, Wave Chat, escalates the invasion of privacy by recording calls, keystrokes, and ambient sounds via the smartphone's microphone.
The third category, represented solely by an app posing as a news outlet, still demands a phone number for access and is capable of intercepting contacts and certain documents.
Here are the apps identified:
Rafaqat
Private Talk
MeetMe
Let's Chat
Quick Chat
Chit Cat
YohooTalk
TikTok
Hello Cha
Nidus
GlowChat
Wave Chat
The initial six, once listed on the Play Store, have been downloaded over 1,400 times but are now removed. If you find any of these apps on your device, it's crucial to uninstall them at once. Additionally, exercise caution with requests to download apps or click on unfamiliar links.
