December 10, 2024
If you have these 'extremely dangerous' apps in your phone, delete them now


A serious new warning this week, urging Android users to check their phones for a set of very dangerous apps that not only steal personal data but can also record phone calls. If you have any of these installed, remove them immediately.

This is the latest such warning for malicious apps on both Google’s Play Store and the “user beware” third-party Android app stores.

The Vajraspy Remote Access Trojan (RAT) was identified by ESET’s research team, which “named twelve Android spying apps that share the same malicious code,” six of which were “available on Google Play,” according to its Despite the defense.

More from ForbesGoogle issues sudden update warning to Samsung Galaxy users

ESET attributes the RAT to the Patchwork APT group in Asia. The team says the apps were advertised as messaging tools in addition to news apps – Vajraspy has a range of spying functionalities that can be expanded depending on the permissions granted to the app bundled with its code . It steals contacts, files, call logs and SMS messages, but some of its implementations can also extract WhatsApp and Signal messages, record phone calls and take photos.

While there were very few installs from the Play Store, mostly limited to Asia, it is not known how many apps were downloaded from third-party stores. Google’s official store is far more secure than the alternatives, but the fact that these apps made it to the Play Store in the first place should be cause for concern.

These apps appear to be more targeted than other recent malware warnings. Users were often sent links through chat apps under the guise of online romance. But the apps are also available on stores for anyone to install.

Other malware-containing apps that have surfaced recently have been downloaded millions of times. The full list of dangerous apps can be found below.

This is the third such Android warning in recent weeks, following the SpyLoan and Xamalicious reports. And it matches the current spotlight on App Store security. Apple has repeatedly insisted on opening up its own ecosystem to third-party stores for security reasons. Now it is being forced to do so through Europe’s Digital Markets Act (DMA). Such stories will not provide much comfort.

Users should also check out Spylone and Zamalicious apps as well as Vajraspy, which are detailed below. They should also look for any so-called “copycat apps” hidden on their phones. Even though all these apps have been removed from the Play Store, some are still available and may not have been automatically removed.

Vajraspy:

  1. hello chat
  2. Sound off
  3. meet me
  4. house of diseases
  5. Rafaqat News
  6. TIC Toc
  7. wave chat
  8. prive talk
  9. shine shine
  10. lets chat
  11. NioNio
  12. instant chat
  13. yoho talk

Xamalicious:

  1. Essential Horoscope for Android
  2. 3D Skin Editor for Minecraft PE
  3. logo maker pro
  4. auto click repeater
  5. Calculate Easy Calorie Calculator
  6. sound volume amplifier
  7. letterlink
  8. Numerology: Personal Horoscope and Number Predictions
  9. Step Keeper: Easy Pedometer
  10. track your sleep
  11. sound volume booster
  12. Astrological Navigator: Daily Horoscope & Tarot
  13. universal calculator

Detective Loan:

  1. aa credit
  2. amor cash
  3. guayabacash
  4. EasyCredit
  5. cash flow
  6. credibus
  7. flashloan
  8. Prestmoscredito
  9. Prestomos de Credito-Yumicash
  10. go credito
  11. instantanio prestamo
  12. cartera grande
  13. rapido credito
  14. finup loan
  15. 4s cash
  16. TrueNaira
  17. easycash

As I’ve said repeatedly, the dangers of sideloading will be hotly debated until 2024, well before Apple’s change in the iOS 17 update and then the change in iOS 18.

When Apple begins to move beyond its App Store exclusivity, I suspect we’ll see more focus on vulnerabilities in the Android ecosystem, where finding the right balance between option and risk is proving impossible.

More from ForbesNew Google release highlights AI upgrades for Messages users

In addition to being wary of unofficial app stores, ESET strongly recommends installing apps via links sent via chat apps. “Cyber ​​criminals use social engineering as a powerful weapon. We strongly recommend not clicking on any links to download applications sent in chat conversations.

I would go further and advise against accidental downloads Any Apps on your phone, unless you trust their origin and their developer. Once installed and with plenty of permission abuse, apps can potentially access everything on your device, the keys to your private life.

In the meantime, check your phone for the 40+ apps above, and maybe start deleting casual apps you’ve collected over the years and no longer use. This is good practice, especially at this time, and you will be advised to do some housekeeping.

Leave a Reply