The Bahamut ATP cyber crime group has been notorious for its constant cyber attacks and hacks, and new research has shown that they are starting to branch out into using fake VPNs as well with all things having been considered and taken into account. ESET research recently put out a report that highlighted this trend, and it showed that these malicious actors are using said fake VPNs to launch a variety of spear phishing attacks that are targeting global consumers.
With all of that having been said and now out of the way, it is important to note that these fake VPNs have been impacting users in the Middle East and South Asia since as far back as 2016. In spite of the fact that this is the case, they have managed to operate mostly under the radar, and that raises a lot of questions about Google’s ability to manage its own app store.
When a user downloads the app, they are asked to put in an activation key because of the fact that this is the sort of thing that could potentially end up giving the malicious actors access to their devices. Once the VPN has been activated, spyware is immediately installed which makes it easier for the hackers to track their victims than might have been the case otherwise.
The malicious actors can then harvest data through key logging, and they are able to glean SMS data as well as numerous other forms that can put the privacy of users at great risk. There are around 8 different fake VPNs that are still up on the Play Store, and any one of them could do a lot of harm to unsuspecting users who install them.
It is essential that users get informed about app downloading safety. It’s always best to download apps that have a good rating, but even those might be manipulated through bots. Users need to be discerning about the VPNs they use and only go for those that have an established brand or come from a well known company that can take accountability for its services.
Read next: Pay Attention Users: Scammers Are Targeting Your Credit Card Details
With all of that having been said and now out of the way, it is important to note that these fake VPNs have been impacting users in the Middle East and South Asia since as far back as 2016. In spite of the fact that this is the case, they have managed to operate mostly under the radar, and that raises a lot of questions about Google’s ability to manage its own app store.
When a user downloads the app, they are asked to put in an activation key because of the fact that this is the sort of thing that could potentially end up giving the malicious actors access to their devices. Once the VPN has been activated, spyware is immediately installed which makes it easier for the hackers to track their victims than might have been the case otherwise.
The malicious actors can then harvest data through key logging, and they are able to glean SMS data as well as numerous other forms that can put the privacy of users at great risk. There are around 8 different fake VPNs that are still up on the Play Store, and any one of them could do a lot of harm to unsuspecting users who install them.
It is essential that users get informed about app downloading safety. It’s always best to download apps that have a good rating, but even those might be manipulated through bots. Users need to be discerning about the VPNs they use and only go for those that have an established brand or come from a well known company that can take accountability for its services.
Read next: Pay Attention Users: Scammers Are Targeting Your Credit Card Details