We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

deceptive apps

12 Android apps secretly recorded your conversations
AppWizard
April 25, 2025

12 Android apps secretly recorded your conversations

Recent findings from cybersecurity experts at ESET revealed that several Android applications, disguised as harmless tools, have been secretly recording conversations and stealing sensitive data. These malicious apps infiltrated devices through the Google Play Store and third-party platforms, compromising the privacy of thousands of users. One tactic used by cybercriminals involved romantic deception, where victims were coaxed into downloading a seemingly harmless messaging app containing the VajraSpy Trojan, which activated upon installation to record conversations and harvest personal data. The identified malicious apps fall into three categories: 1. Standard Messaging Apps with Hidden Trojans: These apps, including Hello Chat, MeetMe, and Chit Chat, request access to personal data and operate silently in the background, stealing contacts, SMS messages, call logs, device location, and installed app lists. 2. Apps Exploiting Accessibility Features: Apps like Wave Chat exploit Android’s accessibility features to intercept communications from secure platforms, record phone calls, keystrokes, and ambient sounds. 3. Single Non-Messaging App: Nidus, a news app, requests a phone number for sign-in and collects contacts and files, increasing the risk of data theft. The 12 malicious Android apps identified include: Rafaqat, Privee Talk, MeetMe, Let’s Chat, Quick Chat, Chit Chat, YohooTalk, TikTalk, Hello Chat, Nidus, GlowChat, and Wave Chat. The first six apps were available on the Google Play Store and had over 1,400 downloads before removal. Users are advised to uninstall these apps immediately to protect their personal data.
PJobRAT Android Malware Masquerades as Dating and Messaging Apps to Target Military Personnel
AppWizard
March 28, 2025

PJobRAT Android Malware Masquerades as Dating and Messaging Apps to Target Military Personnel

PJobRAT is an Android Remote Access Trojan that re-emerged in 2023, targeting users in Taiwan. Initially known for targeting Indian military personnel, it now disguises itself as benign apps like ‘SangaalLite’ and ‘CChat’, distributed via defunct WordPress sites operational from January 2023 to October 2024, with domain registrations dating back to April 2022. The malware is spread through counterfeit applications resembling legitimate messaging services, prompting users to grant extensive permissions. Enhanced capabilities allow it to execute shell commands, access data from any app, root devices, and communicate with command-and-control servers via Firebase Cloud Messaging and HTTP. The campaign appears to have concluded, highlighting the evolving tactics of threat actors. Users are advised against installing apps from untrusted sources and to use mobile threat detection software.
PJobRAT makes a comeback, takes another crack at chat apps
AppWizard
March 28, 2025

PJobRAT makes a comeback, takes another crack at chat apps

In 2021, PJobRAT, an Android Remote Access Trojan (RAT), targeted Indian military personnel through deceptive apps. A new campaign was discovered in 2023, focusing on users in Taiwan, with malicious apps like ‘SangaalLite’ and CChat disguised as instant messaging applications. These apps were available for download from WordPress sites, which have since been taken down. The campaign began in January 2023, with domains registered as early as April 2022, and the latest sample detected in October 2024. The number of infections was low, indicating a targeted approach rather than a broad attack. The distribution methods remain unclear, but may involve SEO poisoning, malvertising, or phishing. Once installed, the apps request extensive permissions and feature basic chat functionality. Recent versions of PJobRAT have shifted from stealing WhatsApp messages to executing shell commands, allowing greater control over compromised devices. PJobRAT communicates with its command-and-control (C2) servers using Firebase Cloud Messaging (FCM) and HTTP, enabling the upload of various data types, including SMS, contacts, and files. The now inactive C2 server was located in Germany.
Malicious Android Apps Hide in Plain Sight, Target Millions of Devices
AppWizard
March 25, 2025

Malicious Android Apps Hide in Plain Sight, Target Millions of Devices

A malicious Android app campaign called “Vapor” has been discovered, designed to trick users into revealing sensitive information through misleading ads. This campaign includes various apps posing as utilities, such as QR code scanners and health trackers, with over 60 million downloads collectively. It primarily targets users in Brazil, the United States, and Mexico. Some apps have evaded detection by not showing harmful behavior immediately after installation and by disguising themselves. They use tactics like inundating users with full-screen ads and employing scare tactics to prompt downloads of additional harmful apps. The campaign may be run by a single cybercriminal group or a coalition, utilizing shared malware development tools. Despite Google removing many harmful apps, new variants continue to emerge, highlighting the evolving nature of mobile malware.
These malicious Android apps were installed over 60 million times - here's how to stay safe
AppWizard
March 19, 2025

These malicious Android apps were installed over 60 million times – here’s how to stay safe

Cybersecurity experts from Bitdefender discovered an ad fraud scheme involving over 300 Android applications that collectively had more than 60 million downloads from the Google Play Store. These apps, which appeared as utility tools like QR scanners and health apps, mainly targeted users with older Android versions (Android 13 and earlier) and first appeared in the third quarter of 2024. As of the research's completion, only 15 of the identified apps were still active, with most affected users located in Brazil, and others in the United States, Mexico, Turkey, and South Korea. The deceptive apps concealed their icons, displayed intrusive ads without user consent, and attempted to harvest sensitive information. Many of these harmful apps have been removed from the Play Store, but users with them installed remain vulnerable. Signs of compromise include lagging, excessive ads, overheating, or unexpected data usage. Users are advised to uninstall suspicious apps and to use the latest version of Android, currently Android 15.
Google Confirms Play Store App Deletion—Check Your Phone Now
AppWizard
March 9, 2025

Google Confirms Play Store App Deletion—Check Your Phone Now

A report has revealed an extensive ad fraud scheme called "Vapor," which has infiltrated the Google Play Store with over 180 malicious applications that garnered more than 56 million downloads before being removed by Google. These apps, which mimic legitimate applications, primarily target categories like flashlight utilities, QR code readers, and horoscope generators. They initially appear functional but later remove legitimate features in updates, replacing them with intrusive advertisements that hijack the device's interface. Some vapor apps achieved over one million downloads, aided by app install schemes that inflated their rankings. Google has committed to removing violating apps and provides Google Play Protect to safeguard users. Users are advised to be cautious and avoid installing low-value applications to mitigate risks.
silver Android smartphone
AppWizard
June 3, 2024

Anatsa banking Trojan plagues Android apps

Anatsa is a sophisticated threat to Android apps, particularly e-banking security. It has breached Google Play, resulting in at least 150,000 infiltrations via deceptive apps. Anatsa uses persistent evasion strategies, including a four-stage payload uploading process, to remain undetected while harvesting information. Users can protect themselves by downloading apps from trusted sources, maintaining regular device software updates, and utilizing dependable security software.
How to secure your Android from password-hacking apps?
AppWizard
May 11, 2024

How to secure your Android from password-hacking apps?

Android users are advised to be cautious when downloading apps due to a malware campaign disguising itself as popular applications like Instagram, Snapchat, and WhatsApp. Users should verify app authenticity through user ratings, reviews, and video testimonials, enable Google Play Protect, and consider installing an Android antivirus app for added security.
Search