Joe Maring / Digital Trends

The discovery of NSO Group’s potent Pegasus malware, sent to Jordan to spy on journalists and activists, has raised red flags once again. While this incident resulted in Apple suing NSO Group, a wide array of apparently innocuous Android apps is gathering data from the average person’s phone. Security experts at ESET have identified at least 12 Android applications, many of them posing as social apps, that implant a Trojan on the phone and proceed to pilfer information such as call logs and messages, remotely control the camera, and even delete chat details from end-to-end encrypted platforms like WhatsApp.

The identified apps include YohooTalk, TikTalk, Privee Talk, MeetMe, Nidus, GlowChat, Let’s Chat, Quick Chat, Rafaqat, Chit Chat, Hello Chat, and Wave Chat. If you have any of these apps installed on your device, remove them without delay. Notably, six of these apps were available on the Google Play Store, heightening the risk for users who obtain apps from this platform and rely on Google’s security policies. At the core of these apps’ spying activities lies a remote access trojan (RAT) known as VajraSpy.
According to ESET, VajraSpy “steals contacts, files, call logs, and SMS messages, but some of the settings can delete WhatsApp and Signal messages, record calls, and take photos with the camera.” This is not the first time that VajraSpy has been flagged for its malicious activities. In 2022, Broadcom documented it as a remote access trojan (RAT) that uses Google Cloud Storage to gather data stolen from Android users. The malware was associated with the APT-Q-43 threat group, known for targeting the Pakistani military in particular. The primary aim of VajraSpy is to amass information from the infected device and capture user data such as text messages, WhatsApp and Signal messages, and call history, among others.

These apps, many of which pose as social networks, use dating advice as a lure to attract potential victims. This tactic is used consistently, which is unsurprising given the motives behind these apps. In 2023, Scroll reported on cross-border spies employing honey traps to entice Indian scientists and military personnel into divulging sensitive information through a combination of romance and deception. The FBI has also issued a warning about digital romance scams, with a White House employee losing over half a million dollars in one such scheme.
In its recent deployment, VajraSpy could extract information, messages, lists of installed programs, call logs, and local files in various formats such as .pdf, .doc, .jpeg, .mp3, and more. The apps with advanced capabilities require a phone number, and they can also receive messages on secure platforms like WhatsApp and Signal. Additionally, these apps can intercept real-time conversations, monitor notifications, record phone calls, capture keystrokes, take photos with the camera without the victim’s knowledge, and hijack the microphone to record audio.

Once again, this development is not surprising. We recently reported on how actors abuse mobile push notifications and trade information with government agencies, and security experts told Digital Trends that the most reliable way to halt this activity is to block access to notifications.