“Unmasking Malicious Android Apps: The Hidden Spyware Threat on Google Play Store”

bunee 30 Aug 2023

Malicious Android Apps Injecting BadBazaar Spyware Found on Google Play Store

Main points

  • Cybersecurity researchers found malicious Android apps for Signal and Telegram on Google Play Store and Samsung Galaxy Store.
  • The apps are crafted to deliver the BadBazaar spyware onto the infected devices.
  • The campaign is attributed to China-associated actor, GREF, by Slovakian company, ESET.
  • These campaigns have likely been active from July 2020 and July 2022, respectively.

A Trojan in Disguise

Attention tech fans: If there was an Oscar for “Best Spy in a Mobile App Role”, these Android apps for Signal and Telegram would definitely have nominations. Discovered by cybersecurity researchers, these apps have been lurking in the recesses of Google Play Store and Samsung Galaxy Store, innocently pretending to be messengers. Instead, they’re bearing gifts we’d all rather decline – a dose of the BadBazaar spyware. The only ‘signals’ they’re sending are ones of alarm.

Meet the Puppet master: GREF

Now, behind every good villain, there’s usually a puppet master. Slovakian company, ESET has managed to trace these malicious puppet strings back to a China-associated actor endearingly referred to as GREF. But don’t let the friendly moniker fool you, this invisible hand in the shadows has likely had fingers in many data pies since around July 2020 and July 2022, respectively. Talk about a marathon of mischief!

Summary

In short, we’ve got some sneaky Android apps for Signal and Telegram hiding out on Google Play Store and Samsung Galaxy Store. These aren’t your run-of-the-mill pranksters, but nefarious programs bearing the much less amusing contribution of the BadBazaar spyware. The brains behind this operation? A China-linked actor going by the name GREF. These operations seem to have been ongoing since July of 2020 and 2022, bringing us all a bit of tech drama we didn’t sign up for. Remember, in the world of cybersecurity, not all is as it “app”ears!



Original Article: https://thehackernews.com/2023/08/china-linked-badbazaar-android-spyware.html




Leave a Reply

Your email address will not be published. Required fields are marked *

See Also...

Unmasking Fraudulent Loan Apps: A Deep Dive into the Dark Side of the Google Play Store

Unmasking Fraudulent Loan Apps: A Deep Dive into the Dark Side of the Google Play Store

Devious Loan Apps: Beware of the Digital Pickpocket! Cybersecurity researchers have unearthed 18 malevolent loan ...

(▀̿Ĺ̯▀̿ ̿) Copyright , All Rights Reserved
Website courtesy of Lucid Perspective