1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Fake Android chat app lets hackers steal Signal, WhatsApp user da

    From TechnologyDaily@1337:1/100 to All on Tue Aug 1 15:15:03 2023
    Fake Android chat app lets hackers steal Signal, WhatsApp user data

    Date:
    Tue, 01 Aug 2023 15:06:13 +0000

    Description:
    Spyware targets Android users, aiming to collect information about victims in real time.

    FULL STORY ======================================================================

    Experts have raised the alarm about yet another case of Android malware under the cover of a dodgy app, this time spreading across South Asian countries.

    According to cybersecurity company Cyfirma , the dummy chatting app which
    goes by the name Safe Chat on victims devices is said to have higher levels
    of permissions compared with another similar instance of malware that it has been compared to.

    After analyzing the malware, Cyfirma has revealed suspicions that the latest attack is yet another by Indian APT hacking group Bahamut. Safe Chat app is not safe

    Once delivered via WhatsApp and installed, the Safe Chat app throws up a series of pop-up messages, including one asking the victim to allow
    background activity and to ignore battery optimizations, in turn granting the attacker continuous access to the infected device. Read more

    These are the best identity theft protection tools


    Malware found hiding disguised as Android security, VPN apps


    This dangerous Android malware could steal passwords and other data just
    by using images

    A second pop-up seeks permission to the devices accessibility features, and
    as such, information such as keystrokes. Other information that the threat actor can get access to includes a victims precise location, contacts, file storage, SMS messages, and call logs.

    The spyware is suspected to be a variant of Coverlm, which has previously
    been seen targeting data from apps like WhatsApp, Signal, and Telegram. The researchers also noted a similarity in the tactics seen in both this campaign and another by APT DoNot, both of which targeting the same geography and with a focus on espionage.

    Cyfirma says that, taking into account its findings, its analysis strongly indicates that the APT group behind the attack has ties to the Indian territory and is acting in the interest of one nation state government.

    When TechRadar Pro asked Google for more information about the previous DoNot attack, a company spokesperson confirmed that the malicious apps had been removed from the Play Store.

    We were also told that Google Play Protect protects users from apps known to contain this malware on Android devices with Google Play Services, even when those apps come from other sources."

    The company did not immediately respond to our request for comment specific
    to this example. In need of a cybersecurity boost? Consider the best firewalls



    ======================================================================
    Link to news story: https://www.techradar.com/pro/fake-android-chat-app-lets-hackers-steal-signal- whatsapp-user-data


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)