Reporting uncovers 12 espionage apps, six of which were available for download from the official Google Play Store and were collectively downloaded more than 1,400 times between April 2021 and March 2023. VajraSpy has a range of espionage functionalities that can be expanded based on the permissions granted to the app bundled with its code. It steals contacts, files, call logs, and SMS messages, but some of its implementations can even extract WhatsApp and Signal messages, record phone calls, and take pictures with the camera. The malicious apps distributed via Google Play and elsewhere primarily masqueraded as messaging applications, with the most recent ones propagated as recently as September 2023. – Privee Talk (com.priv.talk) – MeetMe (com.meeete.org) – Let’s Chat (com.letsm.chat) – Quick Chat (com.qqc.chat) – Rafaqat رفاق (com.rafaqat.news) – Chit Chat (com.chit.chat) – YohooTalk (com.yoho.talk). -TikTalk (com.tik.talk) – Hello Chat (com.hello.chat) – Nidus (com.nidus.no or com.nionio.org) – GlowChat (com.glow.glow) – Wave Chat (com.wave.chat) |