Messaging, News Apps Stuffed With Data Stealing Malware Listed On Google Play Store; Check List Here

VajraSpy Malware: Instances of malicious apps appearing on Google Play Store have been on the rise in recent times. Continuing this series, ESET researchers identified 12 Android apps with malicious code, six of which were listed on the Play Store. Most of these apps were messaging apps with one being from the news category. The apps execute VajraSpy, a remote access trojan (RAT) code of the Patchwork APT group on the affected device.

Depending on the permissions granted to these apps, they can steal call logs, contacts, messages and files from an affected device. Plus, it can extract messages from WhatsApp and Signal, record calls, click photos using the camera, intercept notifications and search files on the compromised handset. Among the most affected regions with this campaign were Pakistan and India. According to ESET Research, the apps on Play Store absorbed over 1,400 installs.

Also Read: Clean Malware From Android And Windows Devices With These Govt-Approved Free Tools

The cybersecurity firm managed to geolocate 148 devices compromised with the VajraSpy due to its weak security protocol. The blog of WeLiveSecurity stated that these bad actors used a “honey-trap romance scam” to lure victims to install the malware. Here is the list of apps that were available on the Play Store:

 Privee Talk


 Let’s Chat

 Quick Chat

 Rafaqat (News)

 Chit Chat

The above-stated apps have now been removed from Google Play Store. (Image:Unsplash)

While the apps have been removed from the Play Store, here are the other apps that were available in the wild



 Hello Chat



 Wave Chat

Also Read: Operation Triangulation To Xamalicious To Chameleon Trojan, Latest Threats Targeting iOS, Android Users; How To Be Safe

ESET researcher Lukas Stefanko noted that the impact of VajraSpy due to third-party app markets remains unknown due to the lack of download figures. As a precautionary measure, users must not download chat apps from links received from unknown people and monitor the permissions of apps on their devices.

Google shared a statement to BleepingComputer: “We take security and privacy claims against apps seriously, and if we…