"These unknown, financially motivated threat actors make enticing promises of quick loans with minimal formalities, deliver malware to compromise their devices, and employ threats to extort money," Cyfirma said in an analysis late last month. The development comes as financially motivated threat actors from Pakistan and India have been found targeting Indian Android users with a fake loan app (Moneyfine or "") as part of an extortion scam that manipulates the selfie uploaded as part of a know your customer (KYC) process to create a nude image and threatens victims to make a payment or risk getting the doctored photos distributed to their contacts. It has been attributed to the SideWinder group, another outfit that has been flagged as operating with Indian interests in mind. Outside of Pakistan and India, Nepalese government entities have also been likely targeted via a phishing campaign that delivers a Nim-based backdoor. Qihoo 360, in its own analysis of the malware in November 2023, tied it to a threat actor it tracks under the moniker Fire Demon Snake (aka APT-C-52). Vajra gets its name from the Sanskrit word for thunderbolt. It's also not the first time that the attackers have been observed deploying VajraRAT, which was previously documented by Chinese cybersecurity company QiAnXin in early 2022 as having been used in a campaign aimed at Pakistani government and military entities. Use precise geolocation data and actively scan device characteristics for identification. In March 2023, Meta revealed that the hacking crew created fictitious personas on Facebook and Instagram to share links to rogue apps to target victims in Pakistan, India, Bangladesh, Sri Lanka, Tibet, and China. This is not the first time Patchwork – a threat actor with suspected ties to India – has leveraged this technique. 
The exact distribution vector for the malware is currently not clear, although the nature of the apps suggests that the targets were tricked into downloading them as part of a honey-trap romance scam, where the perpetrators convince them to install these bogus apps under the pretext of having a more secure conversation. It was uploaded to Google Play on October 26, 2022, by a developer named Mohammad Rizwan and amassed a total of 1,000 downloads before it was taken down by Google. Rafaqat رفاق is notable for the fact that it's the only non-messaging app and was advertised as a way to access the latest news. The malicious apps distributed via Google Play and elsewhere primarily masqueraded as messaging applications, with the most recent ones propagated as recently as September 2023. "It steals contacts, files, call logs, and SMS messages, but some of its implementations can even extract WhatsApp and Signal messages, record phone calls, and take pictures with the camera." As many as 148 devices in Pakistan and India are estimated to have been compromised in the wild. "VajraSpy has a range of espionage functionalities that can be expanded based on the permissions granted to the app bundled with its code," security researcher Lukáš Štefanko said. It’s best if you are careful and only download an app that’s been vetted by users over a period of time. Others work as advertised but steal your confidential data while doing your bidding. Some Android hacking apps are scams trying to take you for a ride. Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from the official Google Play Store and were collectively downloaded more than 1,400 times between April 2021 and March 2023. Not every best hacking app for Android ever made is actually legitimate.
Minspy cannot be held responsible if a User chooses to monitor a device the User does not have the right to monitor nor can Minspy provide legal advice regarding the use of the Licensed Software. The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. You take full responsibility for determining that you have the right to monitor the device on which the Licensed Software is installed. You should consult your own legal advisor with respect to legality of using the Licensed Software in the manner you intend to use it prior to downloading, installing, and using it. The violation of this requirement could result in severe monetary and criminal penalties imposed on the violator. The law generally requires you to notify users/owners of the device that it is being monitored. It is a violation of the United States federal and/or state law and your local jurisdiction law to install surveillance software, such as the Licensed Software, onto a mobile phone or other device you do not have the right to monitor.