These chat apps might silently be snapping your pictures or recording audio and must be deleted immediately

These chat apps might silently be snapping your pictures or recording audio and must be deleted immediately،

ESET Researchers have published the names of recently discovered Android apps that exist primarily to keep tabs on users downloading them.

Six of the apps were available on Google Play and the rest were hosted on VirusTotal. Eleven of the apps look like legitimate messaging apps. One is disguised as a news app.

The applications silently execute Remote Access Trojan (RAT) code known as VajraSpy and are part of a Patchwork APT campaign. Their main functionality is to spy on people and their monitoring capabilities are tied to the permissions granted to them.

Apps can steal your contacts, files, call records and text messages. Some of them can even access WhatsApp and Signal chats, record phone calls and intercept notifications. Apps also send device locations and names of installed apps to their command and control centers.

Their most disturbing ability is that they can take photos of victims and record surrounding sound.

The apps mainly target users in Pakistan and India. Those available on Google Play have been downloaded 1,400 times.

The things we do for love

The cybercriminals behind the apps use a honey trap or love trap scam to trick victims into downloading them. The bad actors likely found their targets on a social media platform and then demonstrated romantic interest to convince them to install the malicious apps.

Here are the names of the applications found on Google Play:

1. Rafaqat (an Urdu word meaning camaraderie)

2. Private chat

3. Meet me

4. Let's discuss

5. Quick chat

6. Small talk

Although these apps have been removed from the Play Store, if you have them on your phone, you should delete them to stay safe.

Applications found on VirusTotal:

1. YohooTalk

2. TikTok

3. Hello Cha

4. Nidus

5. GlowChat

6. Wave chat

The apps appear to offer standard messaging functionality and ask the user to create an account using their phone number. Even if the account creation process fails, they continue to run in the background.

If you're alone or looking to settle down, we recommend giving that person your mom recommended a chance or letting your friends settle you down, instead of getting close to random strangers, especially those who are pushy to direct the conversation to a shady messaging app. .