WhatsApp users must delete 2 rogue Android apps before they steal private chats
Technology

WhatsApp users must delete 2 rogue Android apps before they steal private chats

By Kevin Colleran

ANDROID owners are being urged to check their phones for two rogue apps which can steal your WhatsApp conversations.

A recent investigation by internet security firm ESET revealed that a new version of spyware known as GravityRAT was being distributed on Android phones – using two messaging apps as a cyber-trojan-horse.

GravityRAT is a remote access tool which essentially grants hackers full control over a device from a remote location

1

GravityRAT is a remote access tool which essentially grants hackers full control over a device from a remote locationCredit: Getty – Contributor

The malicious messaging apps are called BingeChat and Chatico, and have been available to download online – but not via the official Google Play Store.

The pair present as a free messaging and file sharing service.

But their real purpose is much more sinister.

These apps have been injected with malware that can delete and steal vast amounts of data, including WhatsApp backup files, SMS messages, contact lists, device location, as well as photos and documents files.

Millions of Android owners warned of 22 bank-raiding 'stalkerware' phone apps
Android users issued Google warning to block 'creeps' viewing your locations

GravityRAT is a remote access tool, which had previously been used in targeted cyber attacks in India, but essentially grants hackers full control over a device from a remote location.

The malware strain has been active since at least 2015, Bleeping Computer points out, but has only grown popular among Android-targeting hacking groups since 2020.

In a statement, ESET researcher Lukáš Štefanko, who investigated the malicious apps, said: “We found a website that should provide the malicious app after tapping the DOWNLOAD APP button; however, it requires visitors to log in.

“We didn’t have credentials, and registrations were closed.

Most read in Phones & Gadgets

“It is most probable that the operators only open registration when they expect a specific victim to visit, possibly with a particular IP address, geolocation, custom URL, or within a specific timeframe

“Although we couldn’t download the BingeChat app via the website, we were able to find a distribution URL on VirusTotal.”

The cyber crook behind this particular campaign remains unknown, according to ESET.

Although one silver living for the average Android user is that this malicious campaign “is very likely highly targeted” to specific individuals of interest, ESET said in its report.

So, it’s unlikely that your average WhatsApp-using joe will be of interest to this hacker.

However, if you do have this app on any of your devices – it’s best to delete it immediately.

Best Phone and Gadget tips and hacks

Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…

We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.

Kevin Colleran