This week, there’s been renewed concern about the NSO Group and its Pegasus malware, which has been used once again to spy on journalists and activists in Jordan. Apple has taken legal action against the NSO Group, drawing attention to the issue. But while this high-profile case grabs headlines, there’s another troubling trend in the world of Android apps.
Security experts at ESET have uncovered a dozen Android apps, many posing as harmless chat applications, that actually contain a Trojan horse. These apps slyly steal sensitive data from users’ phones, including call logs, messages, and even take control of the camera. Shockingly, they’re even capable of extracting chat details from encrypted platforms like WhatsApp.
Among the problematic apps are YohooTalk, TikTalk, Privee Talk, and others. If you’ve installed any of these apps on your device, it’s crucial to remove them immediately to safeguard your data.
What’s particularly worrying is that six of these apps were available on the Google Play Store, where users typically trust the security measures put in place by Google. The Trojan horse responsible for these apps’ malicious activities is called Vajra Spy, which can steal various types of data and even record phone calls and capture images with the camera.
Interestingly, Vajra Spy has been flagged before, with Broadcom identifying it as a Remote Access Trojan variant in 2022. This malware, associated with the threat group APT-Q-43, primarily targets members of the Pakistani military.
The apps using Vajra Spy often employ social engineering tactics, such as romance-themed schemes, to entice victims. This tactic has been used in similar espionage efforts in the past, including instances involving Indian scientists and military personnel.
In the recent case, the apps managed to extract a wide range of sensitive information, including contact details, messages, call logs, and various files. Some advanced features even allowed interception of messages on encrypted platforms.
Overall, these incidents underscore the ongoing threat posed by malicious apps and highlight the importance of remaining vigilant while using mobile devices. Disabling notification access for apps can offer an additional layer of protection against such threats.