Home These chat apps are silently stealing your data

These chat apps are silently stealing your data

Malware disguised as a messaging app has been found on twelve applications, six of which were available on Google Play between April and September 2023. The malicious software, known as VarajSpy, is referred to as a remote access trojan. This means that the cyber-attacker is able to access your device remotely.

Those infected by VarajSpy became specifically vulnerable to cyberattacks like data theft (including phone contacts) and, depending on permissions granted, even recorded their phone calls.

While these malicious apps have been removed from Google Play, they remain on third-party app stores disguised as messaging and news apps. 

Researchers at the anti-virus software company ESET uncovered this campaign. According to them, these cyber-attackers are part of the Patchwork Advanced Persistent Threat (APT) group.

Bogus chat apps

Furthermore, according to Lukas Stefanko, an ESET researcher, these apps were downloaded 1,400 times on Google Play. They had innocent-sounding names like Rafaqat, Privee Talk, MeetMe, Let’s Chat, Quick Chat, and Chit Chat.

Unlike Google Play, it is difficult to track how many applications were downloaded from third-party app stores. Still, they did have similarly innocuous-sounding names like Hello Chat, YohooTalk, TikTalk, Nidus, GlowChat, and Wave Chat.

Analysis by ESET also found that the majority of these hacking victims were located in Pakistan, and that they were most likely tricked into installing these bogus chat apps as part of a wider romance scam.

In a statement to BleepingComputer, a spokesperson for Google said: “We take security and privacy claims against apps seriously, and if we find that an app has violated our policies, we take appropriate action.”

“Users are protected by Google Play Protect, which can warn users of apps known to exhibit this malicious behavior on Android devices with Google Play Services, even when those apps come from sources outside of Play.”

Featured Image: Photo by Jonas Leupe on Unsplash 

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the gambling and blockchain industries for major developments, new product and brand launches, game releases and other newsworthy events. Editors assign relevant stories to in-house staff writers with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Charlotte Colombo
Freelance Journalist

Charlotte Colombo is a freelance journalist with bylines in Metro.co.uk, Radio Times, The Independent, Daily Dot, Glamour, Stylist, and VICE among others. She most recently worked as a Staff Writer for entertainment outlet The Digital Fix for two years and, prior to that, worked with Business Insider and Dexerto on their digital culture desks. She’s also appeared on BBC Radio 5 and The Guardian podcast to share her expertise on technology, influencers, and niche internet subcultures. She holds an MA in Magazine Journalism from City, University of London and has been freelancing for three years. She has a wide range…

Get the biggest iGaming headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Gambling News

    Explore the latest in online gambling with our curated updates. We cut through the noise to deliver concise, relevant insights, keeping you informed about the ever-changing world of iGaming and its most important trends.

    In-Depth Strategy Guides

    Elevate your game with tailored strategies for sports betting, table games, slots, and poker. Learn how to maximize bonuses, refine your tactics, and boost your chances to beat the house.

    Unbiased Expert Reviews

    Honest and transparent reviews of sportsbooks, casinos and poker rooms crafted through industry expertise and in-depth analysis. Delve into intricacies, get the best bonus deals, and stay ahead with our trustworthy guides.