A security firm has issued a new warning to Android users after several chat apps listed on the Google Play Store were found to contain dangerous malware that can steal your personal WhatsApp messages and even take pictures of you. Once downloaded, the offending apps can install what’s known as a remote access trojan (RAT), this case called VajraSpy, which can set about stealing your private data.
Researchers at security firm ESET identified 12 apps in total with the nasty code, six of which were available to download from the Google Play Store. Mostly disguised as chat apps, they are called Privee Talk, MeetMe, Let’s Chat, Quick Chat, Rafaqat, Chit Chat, YohooTalk, TikTalk, Hello Chat, Nidus, GlowChat, and Wave Chat.
The apps were available to download at different times and were available between 2021 and 2023. If you have any of these apps on your phone you should delete them immediately, as they can extract private WhatsApp and Signal messages, take photos using your phone’s cameras, or even record your phone calls, according to ESET.
The firm said it believes the apps were mainly downloaded about 1,400 times in Malaysia, Pakistan and India. Despite this, you should still be wary of downloading apps you might not have heard of, or any from app developers that don’t look legitimate.
ESET’s Lukas Stefanko said the criminals “probably used a honey-trap romance scam” to get people to download the app – a scam where people pose as romantic interests and ask them to download another chat app to continue to communicate.
Victims were first contacted by someone posing as someone else on Facebook Messenger or WhatsApp.
“Cybercriminals wield social engineering as a powerful weapon,” he said. “We strongly recommend against clicking any links to download an application that are sent in a chat conversation. It can be hard to stay immune to spurious romantic advances, but it pays off to always be vigilant.”
The use of a trojan piece of code like this is known as ‘cyberespionage’. Criminals gain access to private information on your device, or use the cameras or track phone calls, to either learn private banking or other compromising information to defraud, or gain personal knowledge of victims in order to blackmail them.
