surveillance concerns Archives

AppWizard

October 2, 2025

Signal Messenger Impersonated in ‘ProSpy’ Android Spyware Campaign

ESET researchers have identified two Android spyware campaigns, ProSpy and ToSpy, which masquerade as secure messaging apps, Signal and ToTok. These malware families were first detected in June 2025 and are distributed through phishing websites and fake app marketplaces. ProSpy, which mimics a “Signal encryption plugin” or an enhanced ToTok, extracts sensitive user information, including SMS messages, contacts, and device metadata, after gaining permissions. It disguises itself as “Play Services” to avoid detection. ToSpy, discovered concurrently, seeks to capture specific files related to ToTok backups and collects various document types. Both malware types maintain long-term access to infected devices and have been reported to Google, resulting in Play Protect blocking their known variants. The main targets of these campaigns are users in the United Arab Emirates.

AppWizard

October 2, 2025

ESET Research discovers new spyware posing as messaging apps targeting users in the UAE

ESET Research has identified two new families of Android spyware: Android/Spy.ProSpy and Android/Spy.ToSpy. These malware campaigns target users of secure communication apps, specifically Signal and ToTok, and are distributed through deceptive websites and social engineering, primarily focusing on residents of the United Arab Emirates (UAE). Android/Spy.ProSpy pretends to be upgrades for the Signal and ToTok apps, while Android/Spy.ToSpy targets ToTok users exclusively. Both spyware families require manual installation from unofficial sources, as they are not available in official app stores. The ProSpy campaign was first noted in June 2025 but is believed to have been active since 2024, using misleading websites to distribute malicious APKs. ESET's findings indicate that the ToSpy campaigns are still ongoing, with command and control servers still operational. The spyware collects sensitive data, including contacts, SMS messages, and files, once installed. Users are advised to be cautious when downloading apps from unofficial sources and to avoid enabling installations from unknown origins.

AppWizard

October 2, 2025

ProSpy and ToSpy: New spyware families impersonating secure messaging apps

ESET researchers have identified two Android spyware campaigns, Android/Spy.ProSpy and Android/Spy.ToSpy, targeting users of secure messaging apps like Signal and ToTok. These spyware families are distributed through deceptive websites and social engineering tactics, requiring manual installation from unofficial sources. The ProSpy campaign, operational since 2024, uses fraudulent websites to distribute malicious APKs disguised as a Signal Encryption Plugin and ToTok Pro, particularly targeting users in the UAE. The ToSpy campaign, discovered in June 2025, also targets users in the UAE, utilizing fake distribution sites impersonating the ToTok app. Both spyware types request access to contacts, SMS messages, and files, exfiltrating sensitive data in the background. ESET advises users to be cautious when downloading apps from unofficial sources.

AppWizard

September 4, 2025

Russia promotes ‘national messenger’ to vanquish WhatsApp in fresh crackdown

Russian government minister Maksut Shadayev expressed concerns to President Vladimir Putin about foreign messaging apps like WhatsApp and proposed creating a "fully Russian messenger." Putin supported this idea and signed a law establishing a national messenger service, granting the status to the app Max, developed by VKontakte (VK). Roskomnadzor has begun restricting services like Telegram and WhatsApp due to their involvement in harmful activities, marking a significant effort to limit online freedoms since Russia's invasion of Ukraine in 2022. Digital rights activists worry Max could facilitate government surveillance as it lacks end-to-end encryption, allowing data storage on VK's servers and sharing with law enforcement. Max's user base grew from 1 million to 30 million following a marketing campaign, and schools are now required to use it for official communications. Putin's administration is working to limit software from countries deemed unfriendly, putting WhatsApp's future in Russia in jeopardy. The status of Telegram remains uncertain, as the state has previously attempted to ban it but now utilizes it for communication. Recent legislation has criminalized searching for "extremist materials" and mandated migrant workers to install a surveillance app.

AppWizard

August 23, 2025

Russia mandates spy messenger app in occupied Ukraine

Yevhenia Virlych, editor-in-chief of Kavun.City, discussed the challenges faced by residents in temporarily occupied territories, highlighting communication restrictions imposed by Russian authorities. She noted that messaging applications are disrupted and that a Russian-promoted messaging app may activate users' cameras without consent, raising privacy concerns. Virlych reported a critical shortage of medical services and medicines in these regions and mentioned that many communities are experiencing severe water shortages due to the destruction of the Kakhovka Hydroelectric Power Plant. Additionally, on August 8, the National Resistance Center stated that residents are being forced to install spyware for data collection by Russian intelligence. A complete blackout occurred on August 19 in the occupied regions of Zaporizhzhia and Kherson.

AppWizard

July 27, 2025

Inside Putin’s attempt to construct a ‘digital gulag’ spy app to snoop on Russians

The new messenger app Max, developed by VK, will be a standard feature on all new digital devices sold in Russia starting this September. It aims to integrate messaging, video calls, government services, and mobile payments. Experts express concerns that Max could enhance Kremlin surveillance capabilities, as its servers will be governed by local laws allowing the FSB to access user data. There is an increasing likelihood of a ban on WhatsApp, which is currently used by over 70% of Russians, as part of a strategy to promote Max. Opposition journalist Andrey Okun describes Max as a tool for creating a "digital gulag," while experts note it normalizes state surveillance of internet usage in Russia. The Russian government has designated WhatsApp as an extremist organization, and tactics may be employed to transition users to Max. Although the shift may not change the organized opposition landscape significantly, it could discourage casual dissent. Historically, the government has attempted to block services like Telegram, with renewed efforts expected by the end of the year.

AppWizard

July 25, 2025

Putin’s ‘digital gulag’: Inside the Kremlin’s attempt to construct a spy app to snoop on Russians

A new messenger app named Max, developed by Russian tech company VK, will be pre-installed on all new digital devices sold in Russia starting September. Analysts express concerns that Max, which integrates messaging, video calls, government services, and mobile payments, could be used as a surveillance tool by the Kremlin due to its architecture and local server location. There are fears that it may enable the government to monitor citizens closely, with a potential ban on popular apps like WhatsApp to steer users towards Max. Russian opposition journalist Andrey Okun has described Max as part of a "digital gulag" that allows for strict government oversight of citizens. Experts suggest that the introduction of Max is part of a broader initiative to enhance state surveillance capabilities. The Russian government has previously expressed frustration with foreign apps complicating surveillance, and attempts to block platforms like Telegram have had limited success, indicating a potential increase in efforts to control messaging services in the future.

AppWizard

July 24, 2025

Russia Launches An App That Could Spy On Its Citizens, Likely To Ban WhatsApp

Russia will launch a new digital device featuring a messenger app named Max in September, which will include messaging, video calls, government services, and mobile payment options. The app will be pre-installed on all new devices in the country, and its servers will be located in Russia, potentially allowing the FSB access to user data. Experts express concerns that Max may facilitate state surveillance and could lead to the banning of global messaging platforms like WhatsApp. The development of Max is reportedly linked to President Vladimir Putin's orders and reflects the Kremlin's ongoing efforts to monitor digital communications and assert control over the online environment in Russia.