Dangerous Android apps from Google Play Store can steal your WhatsApp messages unless you act, experts warn

The latest malware campaign was spearheaded by a group called Patchwork APT, which was also behind a flood of malicious apps in the Google Play Store discovered last year

By Aaron Brown


Published: 04/02/2024 - 05:30

Updated: 04/02/2024 - 10:18

A dozen apps with nasty VajraSpy spyware have been discovered by researchers

  • Security experts from ESET have named 12 Android apps with malware
  • Half of these malicious apps were found in the Google Play Store
  • Google has deleted the listings, but Android users might still need to act

If you use Android, you need to check the list of apps installed on your device. That’s because researchers have sounded the alarm over a dozen Android apps laced with malicious code capable of extracting personal messages from your WhatsApp, recording calls, copying your contacts’ numbers, and secretly taking pictures.

The terrifying malware is known as VajraSpy and was uncovered by a team at cybersecurity firm ESET. The minds behind the latest malware campaign are believed to be the Patchwork APT group, which has been active since late 2015 and has deployed a multitude of malware during that time.


Half of the apps identified by researchers were available in the Google Play Store, while the remaining six were only accessible from third-party app stores. Most of these were disguised as messaging or news apps, researchers claim.

[Image: ESET researchers shared proof of the VajraSpy malware tracking messages sent within WhatsApp. Credit: ESET]

Google removed the apps from its digital store shelves as soon as they were flagged by the team at ESET. However, that only prevents new users from installing the malicious software. If you’ve previously downloaded these apps, they will still be lurking on your handset.

Patchwork APT primarily targeted users in South Asia. Statistics from the Google Play Store show that some of these apps were downloaded over 1,000 times. However, third-party stores do not report download figures, so the true number of people impacted by this campaign will never be known.

ESET warns that Android users should always avoid downloading obscure chat apps recommended by people they don't know or with very few reviews on the store listing. This category is a common and longstanding target for cybercriminals seeking to infiltrate devices.

Messaging apps are enormously popular and require a slew of permissions to work properly, including access to the camera, location data, files, and more. This level of access is hugely appealing for crooks looking to steal your data.

This is not the first time that apps laced with the VajraSpy spyware have managed to worm their way into the Google Play Store. Last year, Google had to evict malware apps with 2 million downloads.

The latest apps flagged by ESET researchers are as follows:

  • Rafaqat رفاقت — found in Google Play Store
  • Privee Talk — found in Google Play Store
  • MeetMe — found in Google Play Store
  • Let's Chat — found in Google Play Store
  • Quick Chat — found in Google Play Store
  • Chit Chat — found in Google Play Store
  • Hello Chat — found in third-party app store
  • YohooTalk — found in third-party app store
  • TikTalk — found in third-party app store
  • Nidus — found in third-party app store
  • GlowChat — found in third-party app store
  • Wave Chat — found in third-party app store

In response to the latest report from researchers, a spokesperson for Google told security blog Bleeping Computer: “We take security and privacy claims against apps seriously, and if we find that an app has violated our policies, we take appropriate action.

“Users are protected by Google Play Protect, which can warn users of apps known to exhibit this malicious behaviour on Android devices with Google Play Services, even when those apps come from sources outside of Play.”
