Once again, security specialists are sounding the alarm over a new instance of Android malware camouflaged within a suspicious app. This occurrence is currently affecting several South Asian nations.
According to information from BleepingComputer, an imitation Android app named ‘SafeChat’ is currently circulating on the internet, asserting itself as a premier encrypted messaging application. Yet, contrary to its claims of providing secure end-to-end conversations, the app serves as spyware, enabling it to covertly extract call records, text conversations, and even the precise GPS coordinates of individuals using compromised smartphones.
SafeChat – Innocent-looking Android Chat App Unmasked as Data-Stealing Spyware
In a recent revelation, the cybersecurity experts at CYFIRMA, a Singapore-centered firm, unveiled their discovery of SafeChat. Their comprehensive analysis is outlined in their latest report. According to their findings, the originator of this fresh campaign is an Indian advanced persistent threat (APT) hacking collective recognized as ‘Bahamut’.
The Bahamut collective has a track record of concocting harmful applications. Towards the conclusion of the previous year, they were identified as disseminating counterfeit VPN apps that, much like their current endeavor, boasted substantial spyware functionalities.
Cyfirma reveals that the so-called dubious chatting application, SafeChat, when installed on targeted devices, possesses significantly higher permission levels in comparison to another similar malware it has been likened to.
There’s speculation that the spyware in question might be a modified version of Coverlm, a previously observed strain that’s known for its focus on extracting data from popular apps such as WhatsApp, Telegram, WhatsApp Messenger, and Signal. This malicious program goes above and beyond simply stealing data from WhatsApp users by prying upon private information from their devices. Call logs, text messages, and accurate GPS coordinates are all included in this.
CYFIRMA hasn’t disclosed the exact social engineering approach used in this cyber attack. However, their findings clearly indicate that victims are deceived into installing a chat application, falsely believing it will provide a more secure communication environment.
Upon scrutinizing SafeChat’s Android Manifest file, CYFIRMA unearthed a remarkable revelation: SafeChat is intricately designed to interface with all other chat applications present on a compromised device. These encompass prominent platforms such as Telegram, WhatsApp, Signal, Facebook Messenger, and Viber. As a result of this clever manipulation, the spyware is able to steal information from these programs and send it to a server run by the campaign’s masterminds.
Read Also: Best Ways to Detect Spyware On Android Phone
Stay Safe from These Malicious Chat Applications
Below are a few recommendations to shield yourself from threats like SafeChat and other malware, ensuring the security of your Android device.
Source Verification: Download apps only from reputable sources such as the official Google Play Store. Avoid third-party app stores or unverified websites.
App Reviews and Ratings: Before installing any app, check its reviews and ratings. Be cautious if an app has few reviews or predominantly negative feedback.
Permissions Awareness: Review the permissions an app requests during installation. If an app asks for excessive permissions that seem unrelated to its functionality, it could be suspicious.
Security Software: Install a reliable antivirus or security app that can scan and detect potential threats. For this, we recommend you use the Systweak Anti-malware app on your Android smartphone.
|Crafted and engineered by Systweak Software, Systweak Anti-Malware stands as a robust solution for eradicating malware and protecting your Android smartphone against viral attacks. This dynamic Android security tool serves as a barrier, safeguarding your device from malicious software and compromised files.
Harnessing advanced algorithms, Systweak Anti-malware is equipped to swiftly detect and thwart a wide spectrum of detrimental content that poses a threat to your smartphone’s integrity. The app’s database undergoes frequent updates, ensuring your Android device remains fortified against the latest strains of viruses and malware.
Download Systweak Anti-malware now –
By staying vigilant and following these steps, you can significantly reduce the risk of falling victim to malicious chat applications and other cyber threats. If you suspect an app to be malicious, uninstall it immediately and run a security scan with the help of Systweak Anti-malware.
Next Read: How To Prevent Spyware And Adware?