Millions of Android phone owners warned of data-stealing fake apps that can spy on your WhatsApp messages… – The Sun
Sun Tech in association with
ANDROID users have been alerted to fake VPN apps which are capable of stealing information from WhatsApp.
Hackers have come up with a dummy site designed to trick people into installing malicious data-hungry apps.
They use and abuse the real SecureVPN name to reel victims in.
Once installed, the hackers can get hold of contacts, text messages, recorded phone calls, and even chats from popular apps.
It takes advantage of accessibility services on your device to keep track of the keys you tap.
This effectively means a cyber criminal could actively spy on anything you send via WhatsApp, Facebook Messenger, Telegram or just about any other popular messaging platform.
The campaign has been attributed to an infamous cyber-mercenary group called Bahamut ATP.
They're known for offering hack-for-hire services, mainly aimed at specific entities and individuals in the Middle East and South Asia.
As well as a fake version of SecureVPN, the hackers also created ripoffs of SoftVPN and OpenVPN, experts at ESET revealed.
And they say it's still active at the moment.
"It uses the same method of distributing its Android spyware apps via websites that impersonate or masquerade as legitimate services, as has been seen in the past," ESET explained.
"Further, the spyware code, and hence its functionality, is the same as in previous campaigns, including collecting data to be exfiltrated in a local database before sending it to the operators’ server, a tactic rarely seen in mobile cyberespionage apps."
They added: "The campaigns using the fake SecureVPN app try to keep a low profile, since the website URL is most likely delivered to potential victims with an activation key, which is not provided on the website.
"Unfortunately, we were not able to obtain a working key."
Although Google's open approach to Android means you can download apps anywhere you like, it's widely regarded as risky.
It's better not to install apps from outside the Google Play Store as they don't go through same vetting process.
However, even on the Google Play Store some dodgy apps slip through the net, so be sure to read reviews and check that the provider appears legit.
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
Get all the latest WhatsApp, Instagram, Facebook and other tech gadget stories here.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
IAC fans all saying the same thing as Babatunde Aleshe leaves the jungle
A Place In The Sun axed me after I got cancer, says Jonnie Irwin
Real reason Matt Hancock has disappeared from I'm A Celebrity
Man who says he’s the ‘hot dad’ on school run gets utterly rinsed by mums
Our journalists strive for accuracy but on occasion we make mistakes. For further details of our complaints policy and to make a complaint please click this link: thesun.co.uk/editorial-complaints/