installing two malicious apps called “Virtual Assistant” and “Islamic World”. These apps are disguised as harmless and useful tools but once downloaded, they initiate a series of malicious actions.
Upon installation, the apps ask for various permissions from the user including access to contacts, phone calls, microphone, and SMS messages. Once granted, the apps allow the cyber attackers to gain complete control of the victim’s phone.
The apps also act as spyware, allowing the attackers to covertly record audio, steal messages, access GPS location, and even steal images and videos from the device.
The targeted campaign has primarily focused on businesses and individuals in the Pakistan region, leading cybersecurity experts to believe that the attackers are looking to obtain sensitive data and intelligence.
While the malicious apps have been removed from the Google Play Store, it is still possible that some users have downloaded them. Individuals who may have downloaded these apps should take immediate action to protect their devices and data.
In summary, Pakistani individuals and businesses have been targeted in a new campaign by a group known as DoNot Team or APT-C-35. The group uses two rogue Android apps that are installed onto victims’ smartphones and used for espionage and data theft. Users who may have downloaded the apps should take immediate steps to protect their devices and data.Original Article: https://thehackernews.com/2023/06/rogue-android-apps-target-pakistani.html