ANDROID owners are being urged to check their phones for two rogue apps which can steal your WhatsApp conversations.
A recent investigation by internet security firm ESET revealed that a new version of spyware known as GravityRAT was being distributed on Android phones – using two messaging apps as a cyber-trojan-horse.
The malicious messaging apps are called BingeChat and Chatico, and have been available to download online – but not via the official Google Play Store.
The pair present as a free messaging and file sharing service.
But their real purpose is much more sinister.
These apps have been injected with malware that can delete and steal vast amounts of data, including WhatsApp backup files, SMS messages, contact lists, device location, as well as photos and documents files.
READ MORE ON ANDROID
Millions of Android owners warned of 22 bank-raiding ‘stalkerware’ phone apps
Android users issued Google warning to block ‘creeps’ viewing your locations
GravityRAT is a remote access tool, which had previously been used in targeted cyber attacks in India, but essentially grants hackers full control over a device from a remote location.
The malware strain has been active since at least 2015, Bleeping Computer points out, but has only grown popular among Android-targeting hacking groups since 2020.
In a statement, ESET researcher Lukáš Štefanko, who investigated the malicious apps, said: “We found a website that should provide the malicious app after tapping the DOWNLOAD APP button; however, it requires visitors to log in.
"We didn’t have credentials, and registrations were closed.
Most read in Phones & Gadgets
Wi-Fi speed is killed by two common household activities – move your router now
People are just realising it's possible to BLOCK unknown callers on your iPhone
Millions of Android owners warned of 22 bank-raiding 'stalkerware' phone apps
Android users issued Google warning to block 'creeps' viewing your locations
"It is most probable that the operators only open registration when they expect a specific victim to visit, possibly with a particular IP address, geolocation, custom URL, or within a specific timeframe
“Although we couldn’t download the BingeChat app via the website, we were able to find a distribution URL on VirusTotal."
The cyber crook behind this particular campaign remains unknown, according to ESET.
Although one silver living for the average Android user is that this malicious campaign "is very likely highly targeted" to specific individuals of interest, ESET said in its report.
So, it's unlikely that your average WhatsApp-using joe will be of interest to this hacker.
However, if you do have this app on any of your devices – it's best to delete it immediately.
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
- How to delete your Instagram account
- What does pending mean on Snapchat?
- How to check if you've been blocked on WhatsApp
- How to drop a pin on Google Maps
- How can I change my Facebook password?
- How to go live on TikTok
- How to clear the cache on an iPhone
- What is NFT art?
- What is OnlyFans?
- What does Meta mean?
Get all the latest WhatsApp, Instagram, Facebook and other tech gadget stories here.
Source: Read Full Article