Alert for Android Users: Malicious Apps Identified
Owners of Android devices should be aware of a recent advisory from ESET cyber security experts, who have pinpointed three applications that could compromise user safety. The apps in question, named Dink Messenger, Sim Info, and Defcom, have been found to contain the XploitSPY malware, a serious threat to the confidentiality of personal and banking details.
These findings come from diligent research by the ESET team, who uncovered that these clone apps are part of a larger nefarious operation that has been particularly active in India and Pakistan since November 2021. Despite the regional focus, the global availability of these apps on the Google Play Store means that any user downloading them is at risk.
An ESET researcher explained, “The apps are designed to extract vital information such as contact lists, files, and even the device’s GPS location.” It was also revealed that the apps cleverly conceal the malware’s command-and-control server addresses using a native library, making them harder to detect with standard security measures.
The investigation has not stopped at these three apps; ESET has also flagged an additional 10 applications that are found to share the same malicious code base as XploitSPY.
Following the discovery, Google has been notified and has taken action to eliminate the reported apps from the Play Store. Android users should act swiftly to ensure their devices are not harboring these dangerous apps. To uninstall an app, users can go to the Google Play Store, tap on the Profile icon, navigate to ‘Manage apps and devices,’ select the app in question, and choose ‘Uninstall.’
Source: Newsroom
