The apps– Defcom, Sim Info and Dink Messenger-come with ‘XploitSPY’ malware capable of sending out personal and financial details from the infected phone to the hackers’ server accounts.
Cyber security firm ESET has detected an active espionage campaign on Google Play Store and Android phones.
Newly identified threat group called ‘Virtual Invaders’ had rolled out three spyware-laced apps, which masquerade as messenger applications. Threat actors targeted citizens in South Asian countries, mostly in India and Pakistan.
The apps– Defcom, Sim Info and Dink Messenger-come with ‘XploitSPY’ malware capable of sending out personal and financial details to the hackers’ server.
After getting installed on the device, apps were able to avoid getting detected by Google’s Play Protect security system. And, then hackers were able to sectretly extract contact lists and files, and even managed to retrieve the device’s GPS location and the names of files listed in specific directories related to the camera, downloads, and even messaging apps such as Telegram and WhatsApp.
ESET, which is a core member of Google’s App Defence Alliance informed the search engine giant. The apps have been taken down from the Play Store, but people who have already downloaded them are advised to uninstall them.
Here’s how to safegaurd yourself from malware apps:
1) Always download apps from official stores such as Google Play, Apple App Store, and Windows Store. Also, be sure to read reviews of the app below; there will always be telltale signs of bad apps. People would have either praised it or panned it for failing to deliver a good user experience.
2) Make it a habit of reading and knowing the publisher of an app. Even if the app banner shows that it is created by a familiar or a reputed company, ensure you observe all minute details such as typeface, fonts, and logos, as fake apps tend to have errors in terms of wrong spellings in words and bad grammar.
3) Don’t blindly install apps from URL links shared or forwarded on messenger apps by your loved ones.
4) Always ensure your phone is upgraded with the latest security software. Usually, Google/Apple/Microsoft releases security patches regularly to thwart emerging cyber threats.
5) And, to be on the safer side, install anti-virus apps on your phone for early detection and deletion of fake apps.
Read More:- https://www.deccanherald.com/technology/three-android-spyware-apps-detected-on-google-play-store-2981944
Source Credit: https://www.deccanherald.com/