Home Cyber Attack Malicious Android Apps On Google Play Store Deliver VajraSpy RAT

Malicious Android Apps On Google Play Store Deliver VajraSpy RAT

by Abeerah Hashim
VajraSpy riddled Android apps flood Google Play Store

Heads up, Android users! Another wave of malicious apps has flooded the Google Play Store – this time, distributing the VajraSpy RAT to Android users. While Google removed the apps after knowing the matter, they may continue running on already-targeted devices. Therefore, all Android users must ensure to check their devices for any such apps and remove them immediately.

Numerous VajraSpy Android Apps Flooded Google Play Store

Researchers from ESET have spotted another wave of malicious Android apps barraging users with a potent spyware. Once installed on the device, the apps infect the devices with spyware, identified as “VajraSpy,” to track all device activities and stored data.

They identified at least six different malicious applications running on the Play Store, garnering a significant number of downloads. These apps basically offered communication facility, tricking the users into giving explicit access to the device. These malicious apps include the following.

  • Privee Talk
  • Meet Me
  • Let’s Chat
  • Quick Chat
  • Rafaqat

In addition, some other chat apps also appeared online during the same time period on other sources, bearing similar malicious codes.

The threat actors behind this campaign potentially lured the victims into downloading the apps via romance scams. The campaign has been going around for several years, and the appearance of the first malicious app on the Play Store dates back to 2021. Later, other such apps appeared online, continuing the malware distribution. The researchers identified the prime target for this campaign as the users from Pakistan and India. Detailed technical analysis of this malware is available in ESET’s report.

Following the researchers’ report, Google removed the identified malicious apps from the Play Store. Besides, it also assures protecting users’ devices via its Play Protect feature, which will alert the users upon detecting any reported apps running on the device. Nonetheless, users must still scan their devices manually for potential threats. In addition, all users must ensure using apps from trusted publishers only, even when downloading the apps from the Play Store.

Let us know your thoughts in the comments.

You may also like