These chat apps might silently be snapping your pictures or recording audio and must be deleted immediately،
Six of the apps were available on Google Play and the rest were hosted on VirusTotal. Eleven of the apps look like legitimate messaging apps. One is disguised as a news app.
Apps can steal your contacts, files, call records and text messages. Some of them can even access WhatsApp and Signal chats, record phone calls and intercept notifications. Apps also send device locations and names of installed apps to their command and control centers.
The apps mainly target users in Pakistan and India. Those available on Google Play have been downloaded 1,400 times.
The things we do for love
The cybercriminals behind the apps use a honey trap or love trap scam to trick victims into downloading them. The bad actors likely found their targets on a social media platform and then demonstrated romantic interest to convince them to install the malicious apps.
Here are the names of the applications found on Google Play:
1. Rafaqat (an Urdu word meaning camaraderie)
2. Private chat
3. Meet me
4. Let's discuss
5. Quick chat
6. Small talk
Although these apps have been removed from the Play Store, if you have them on your phone, you should delete them to stay safe.
Applications found on VirusTotal:
1. YohooTalk
2. TikTok
3. Hello Cha
4. Nidus
5. GlowChat
6. Wave chat
The apps appear to offer standard messaging functionality and ask the user to create an account using their phone number. Even if the account creation process fails, they continue to run in the background.