A malware named VajraSpy has been found in more than 12 mobile applications. It is known as Remote Access Trojan (RAT) and about 6 applications from Google Play have been affected by it. Google has immediately removed those apps from Play Store but they are still available as third party apps on the internet, as reported by WeLiveSecurity and ESET. Most of these applications are related to messaging and news. When these apps affected by RAT are installed, your device immediately gets malware and the apps can easily steal your personal information, private data and can even record your phone calls. It can also automatically turn on your front camera and monitor you. It can automatically obtain all the permissions on your mobile phone and can then do surveillance and monitoring of the user, from their notifications to messages and images.
Researchers from ESET were the first ones to report this virus and the PatchWork APT group is behind this and they have been targeting people in Pakistan since 2015. In 2022, this group accidentally unveiled their own malware campaign and they were using Ragnatela RAT for spreading the virus. ESET researchers also found the applications that had the same VajraSpy Code. These applications included Rafaqat, which is a news app. The other applications were related to messaging namely, Privee Talk, MeetMe, Let’s Chat, Quick Chat and ChitChat. The apps that are affected by VajraSpy but are available outside of Google Play are Hello Chat, Yahoo Talk, TikTalk, Nidus, GlowChat and Wave Chat. All of these apps are messaging apps.
As third-party websites do not mention the number of people who have downloaded apps from them, we cannot say anything about how many people have been affected by that virus. ESET has said that most of the victims are from India and Pakistan and they have been tricked into installing these applications. Google Play is introducing a new policy that will make it hard for apps with malware to be on the platform. Till then, people shouldn’t download apps recommended by people they don’t know.
Photo: Digital Information World - AIgen
Read next: Google Has Removed the Cache Link From its Search Engine Results, Cache Operator will Be Removed Soon Too
Researchers from ESET were the first ones to report this virus and the PatchWork APT group is behind this and they have been targeting people in Pakistan since 2015. In 2022, this group accidentally unveiled their own malware campaign and they were using Ragnatela RAT for spreading the virus. ESET researchers also found the applications that had the same VajraSpy Code. These applications included Rafaqat, which is a news app. The other applications were related to messaging namely, Privee Talk, MeetMe, Let’s Chat, Quick Chat and ChitChat. The apps that are affected by VajraSpy but are available outside of Google Play are Hello Chat, Yahoo Talk, TikTalk, Nidus, GlowChat and Wave Chat. All of these apps are messaging apps.
As third-party websites do not mention the number of people who have downloaded apps from them, we cannot say anything about how many people have been affected by that virus. ESET has said that most of the victims are from India and Pakistan and they have been tricked into installing these applications. Google Play is introducing a new policy that will make it hard for apps with malware to be on the platform. Till then, people shouldn’t download apps recommended by people they don’t know.
Photo: Digital Information World - AIgen
Read next: Google Has Removed the Cache Link From its Search Engine Results, Cache Operator will Be Removed Soon Too