Android users need to be on high alert after the discovery of a new batch of apps that are fully capable of committing online espionage. Once downloaded, the malicious software starts installing a remote access trojan (RAT) called VajraSpy, which is capable of stealing things like contacts, files, call logs and SMS messages.
Android users on high alert after new threat!
Security experts at ESET say this extremely worrying bug can also extract private WhatsApp messages, record phone calls and even take photos through the phone’s camera without the owner knowing.
In practice, they found 12 Android applications with the VajraSpy trojan hidden. However, to make matters worse, six were fully available for installation through the Play Store.
“ESET Research discovered an espionage campaign using applications with the VajraSpy malware.” “Some applications arrived through Google Play and elsewhere.”
In addition to being available on the Play Store, it is thought that other Android owners were tricked into downloading the software through Hello Mom and Hello Dad style schemes, with criminals convincing users to switch to infected chat apps.
“Criminals use social engineering as a powerful weapon,” the ESET team added. “We strongly recommend that you do not click on any links to download an application that are sent in a chat conversation. It can be difficult to stay immune to everything, but it’s worth always being vigilant.”
Detect dangerous apps
Most of the applications you use on a daily basis are perfectly safe, especially if you only use the Google Play Store. However, even in the Google store, dangerous apps may be present. So a rogue application can spy on you, break into your bank, steal information and defraud you, or turn your device into a money-making machine for criminals. All at the expense of your performance or battery life.
In any case, the best policy is to always download apps from the Google store. Therefore, rival stores and application download sites are not controlled by the search engine giant, so there is no guarantee that what you are installing is safe. So be careful when downloading applications from anywhere other than the Play Store. And if you download an app from another location, keep an eye on its activities.
App asks for a lot of unnecessary permissions
Applications are required to ask for your permission to access sensitive parts of your phone. To work properly, Uber needs your location and Instagram requires camera access. But if an app appears to be using suspicious permissions, it could be a sign that it’s being spied on.
You can access your Android privacy settings to see which apps have access to sensitive permissions. Furthermore, you can also block suspicious applications from accessing these permissions at any time.
Applications that use a lot of resources when not in use
If an app is using significant amounts of data, slowing down your phone with power-intensive activities, or draining the battery, that’s a bad sign.
It’s especially worrying if this is happening in the background and you can’t understand why.
The app may be committing a type of fraudulent activity in the background, making criminals money at your expense.
So consider deleting applications that do this.
Application has no support or way to contact the developer
The last type of app you should be concerned about is one that doesn’t have a clear way to contact the creators.
However, if an application intentionally hides who created it, this is a warning sign. And if you can’t get in touch with them, you should ask yourself why.
So don’t risk giving money to an application with this type of feature.