These 12 Android Apps Are Spying On You So Delete Them Now

these 12 android apps are spying on you so delete them now
Your personal data and information are hot commodities, so much so that virtually all businesses or other entities with access are all scrambling to monitor and sell it if possible. Threat actors also know this as well, which could lead to blackmail, extortion, bank account access, or more sinister things if your personal data is breached. With that in mind, researchers are constantly investigating to uncover apps that are doing malicious things. Case in point, the recent discovery of 12 Android apps stealing data.

Just this week, researchers from ESET identified 12 Android apps that shared similar code, which turned out to be malicious. These apps were disguised as messaging tools save for one, which was purportedly a news app. All ran a remote access trojan (RAT) in the background dubbed VajraSpy. This kit used by the Patchwork APT group could “[steal] contacts, files, call logs, and SMS messages, but some of its implementations can even extract WhatsApp and Signal messages, record phone calls, and take pictures with the camera.”

app these 12 android apps are spying on you so delete them now
MeetMe and Chit Chat (right) have the same UI, but Hello Chat (left) and the others have the same dev certificate.

In terms of who was affected, there were some incidental malware detections out of Malaysia, but primarily this campaign is targeting devices in Pakistan and India from what is believed to be a Pakistani developer. It is also believed that this may be part of a romance scam, wherein “victims were approached via a honey-trap romance scam where the campaign operators feigned romantic and/or sexual interest in their targets on another platform, and then convinced them to download these trojanized apps.”

You can read the full breakdown of the apps in this report, but to make a long story short, check to see if you have any of the following Android apps installed on your devices: MeetMe, Privee Talk, Let’s Chat, Quick Chat, GlowChat, Chit Chat, Hello Chat, TikTalk, Nidus, YohooTalk, Wave Chat, or Rafaqat رفاقت. If any of those are present, you should remove the apps and assess your security immediately. Further, while this may not affect most people, it should serve as a good warning that malware can sneak in just about anywhere, so know what you are downloading before you start installing apps.