Warning about app stealing private WhatsApp and Facebook messages

Warning about app stealing private WhatsApp and Facebook messages

  • Experts say that some kind of malware has attacked the Google Play Store
  • The app tricks Android users into stealing their private SMS information

WhatsApp and Facebook users have been warned about an Android app that could steal your private texts.

A special kind of communication-stealing malware has attacked the Google Play Store, according to cyber researchers from Cyfirma.

The malware exhibits a similar operational mechanism to the one previously identified, but this bug has more privileges and poses a greater threat, according to the company.

The app successfully misleads its users and allows the threat actor to extract the necessary information before the victim realizes it is a dummy.

Tech experts tricked WhatsApp and Facebook about an Android app that could steal your private texts

Although the app has since been removed from the Play Store, it will remain on your Android if you downloaded it beforehand.

In this case, you have to manually uninstall the app, ironically called SafeChat.

An Indian hacking group known as ‘Bahamut’ is said to have injected the app with spyware that steals texts, call logs and GPS locations from phones.

The hacking circle has been active since 2017 and has targeted a wide variety of platforms, including iOS, Android and Windows, according to Cyfirma.

Last year, the group was associated with using fake VPN apps for Android devices designed to extract sensitive user data and actively spy on victim’s messaging apps such as WhatsApp, Facebook Messenger, Signal, Viber and Telegram.

ESET researchers have reportedly found at least eight versions of the Bahamut spyware, which they believe could mean that the campaign is well maintained. The malicious apps were never available for download from Google Play.

Although the app has since been removed from the Play Store, it will remain on your Android unless you delete it manually

The report warned, “If enabled, the Bahamut spyware can be remotely controlled by Bahamut operators and exfiltrate various sensitive device data such as contacts, text messages, call logs, list of installed apps, device location, device accounts. .

The software can also find out device information, such as the type of internet connection, IP address or SIM card serial number.

Cyfirma technical experts have not revealed how hackers tricked people into downloading SafeChat.

Cyber ​​experts suspect that Bahamut worked on behalf of a specific state government in India.

But a common method is to suggest moving a conversation to a “more secure” platform, according to BleepingComputer.

Cyfirma experts said Bahamut is specifically targeting phones in the South Asia region, but the app could have been downloaded by anyone in the world, putting more Android users at risk.

Related Post