Warning about the app that steals WhatsApp and Facebook private messages
- Experts say a breed of malware has attacked the Google Play Store
- The app tricks Android users into stealing their private text information
WhatsApp and Facebook users have been warned about an Android app that could steal your private texts.
According to cyber researchers from Cyfirme.
The malware presents a similar operational mechanism to those previously identified, but this bug has more permissions and poses more threat according to the company.
The application successfully tricks its users and allows the threat actor to extract the necessary information, before the victim realizes that it is a dummy.
Tech experts bluffed WhatsApp and Facebook over an Android app that could steal your private texts
Although the app has since been removed from the Play Store, it will remain on your Android if you downloaded it first.
In this case, you will have to remove the application, ironically called SafeChat, manually.
An Indian hacking group known as “Bahamut” is believed to have injected spyware into the app that steals texts, call logs and GPS locations from phones.
The hacking circle has been active since 2017 and has targeted a wide range of platforms including iOS, Android and Windows according to Cyfirma.
Last year, the group was linked to the use of fake VPN apps for Android devices, designed to extract users’ sensitive data and actively spy on victims’ messaging apps such as WhatsApp, Facebook Messenger, Signal, Viber and Telegram.
ESET the researchers reportedly found at least eight versions of the Bahamut spyware, which they say could mean the campaign is well maintained. Malicious apps have never been available for download on Google Play.
Although the app has since been removed from the Play Store, it will remain on your Android unless it is manually removed.
The report warns: “If Bahamut spyware is activated, it can be controlled remotely by Bahamut operators and can exfiltrate various sensitive data from the device, such as contacts, SMS messages, call logs, list of installed apps, device location, device accounts. .
The software can also discover information about the device, such as internet connection type, IP address or SIM card serial number.
Cyfirma technical experts did not reveal how the hackers tricked people into downloading SafeChat.
Cyber experts suspect Bahamut of working on behalf of a specific state government in India.
But a common method is to suggest moving a conversation to a “more secure” platform, according to BleepingComputer.
Cyfirma experts said that Bahamut specifically targets phones in the South Asian region, but the app could have been downloaded by anyone in the world, putting more Android users at risk.
