Researchers from ESET were the first ones to report this virus and the PatchWork APT group is behind this and they have been targeting people in Pakistan since 2015. In 2022, this group accidentally unveiled their own malware campaign and they were using Ragnatela RAT for spreading the virus. ESET researchers also found the applications that had the same VajraSpy Code. These applications included Rafaqat, which is a news app. The other applications were related to messaging namely, Privee Talk, MeetMe, Let’s Chat, Quick Chat and ChitChat. The apps that are affected by VajraSpy but are available outside of Google Play are Hello Chat, Yahoo Talk, TikTalk, Nidus, GlowChat and Wave Chat. All of these apps are messaging apps.
As third-party websites do not mention the number of people who have downloaded apps from them, we cannot say anything about how many people have been affected by that virus. ESET has said that most of the victims are from India and Pakistan and they have been tricked into installing these applications. Google Play is introducing a new policy that will make it hard for apps with malware to be on the platform. Till then, people shouldn’t download apps recommended by people they don’t know.
Photo: Digital Information World – AIgen