Great Moto G Stylus deal on Amazon!
Last chance to snatch the perfect Mother's Day gift at a discount and get it in time for her holiday!
Last chance to snatch the perfect Mother's Day gift at a discount and get it in time for her holiday!

Android spyware found hiding out in Play Store; delete these two apps now!

By
1comment
Android spyware found hiding out in Play Store; delete these two apps now!
A pair of malicious apps were discovered in the Google Play Store recently by cybersecurity firm Cyfirma. The latter said that the apps were used by state-sponsored threat actors to collect location data and contact lists from targeted devices. Cyfirma, with medium confidence, says that the attack comes from a hacking group in India called "DoNot." The attacks have been spotted in Pakistan.

The two apps in the Play Store are nSure Chat and iKHfaa VPN. The latter copied code from a legitimate app called Liberty VPN (virtual private network used by those browsing the internet to avoid being tracked) and added additional code to access and collect the contacts list and discover the location of the target. The app also continued tracking the location of the target in real-time.

Those installing the iKHfaa VPN app are asked to enable location service - Android spyware found hiding out in Play Store; delete these two apps now!
Those installing the iKHfaa VPN app are asked to enable location service

While most VPNs do not ask for permission to use location and contacts, iKHfaa VPN does. This made Cyfirma suspicious enough to dig deeper to find that "DoNot" was the attacker behind the malware. When installing the VPN app, it would also show a pop-up asking users to "turn on device location, which uses Google's location service. If the GPS on the targeted person's phone is on and active, the malicious app will be able to figure out the current location of the target. If not, the previous location will appear.

The first two apps listed by the developer in the Play Store are malicious - Android spyware found hiding out in Play Store; delete these two apps now!
The first two apps listed by the developer in the Play Store are malicious

The two aforementioned apps, and a third one from the same developer (which does not appear to be malicious), remain in the Google Play Store. If you have either one installed on your phone no matter where you live, make sure to uninstall them as soon as possible. The name of the developer is SecurITY Industry and the number of downloads for the malicious apps is low which means that they are aimed at specific targets even though they appear in Google's app storefront.

If this app is available from the Google Play Store in your region, do not install it on your phone - Android spyware found hiding out in Play Store; delete these two apps now!
If this app is available from the Google Play Store in your region, do not install it on your phone

Remember, one of the best ways to prevent yourself from installing a malicious app on your phone to read the comments section. Look for red flags such as complaints from those who installed the app about their phones running too hot, running too slow, and suffering from rapid battery depletion. These are some of the signs that should make you run away from an app instead of installing it.
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.jpg
Alan Friedman Mobile Tech News Journalist
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.

Recommended Stories

Loading Comments...

Popular stories

T-Mobile celebrating Mint purchase with new and upgraded perks for customers
T-Mobile celebrating Mint purchase with new and upgraded perks for customers
4 billion Android users who downloaded apps flagged by Microsoft need to take some actions to stay safe
4 billion Android users who downloaded apps flagged by Microsoft need to take some actions to stay safe
Grab the JBL Xtreme 3 at its Black Friday price on Amazon and enjoy blasting tunes on the cheap
Grab the JBL Xtreme 3 at its Black Friday price on Amazon and enjoy blasting tunes on the cheap
Researcher answers the age-old question: which platform is more secure, iOS or Android?
Researcher answers the age-old question: which platform is more secure, iOS or Android?
Prices for the Motorola Edge (2022) remain too good to be true on Amazon
Prices for the Motorola Edge (2022) remain too good to be true on Amazon
Check the list to see if your OnePlus device is eligible to receive OxygenOS 15
Check the list to see if your OnePlus device is eligible to receive OxygenOS 15

Latest News

Five new mobile games join Netflix in May, including a premium Sonic title
Five new mobile games join Netflix in May, including a premium Sonic title
ZTE Axon 60 Ultra is getting two smaller brothers, the Axon 60 and Axon 60 Lite
ZTE Axon 60 Ultra is getting two smaller brothers, the Axon 60 and Axon 60 Lite
Meta globally testing cross-posting from Instagram to Threads
Meta globally testing cross-posting from Instagram to Threads
Google Messages will let you add personality to voice recordings
Google Messages will let you add personality to voice recordings
The recently released Garmin Vivoactive 5 enjoys a 17% discount through Amazon's rare deal
The recently released Garmin Vivoactive 5 enjoys a 17% discount through Amazon's rare deal
Expensive Google Pixel 8a myth lives on Verizon but it can be free with a Disney+ bundle
Expensive Google Pixel 8a myth lives on Verizon but it can be free with a Disney+ bundle
FCC OKs Cingular\'s purchase of AT&T Wireless