New Android spyware stealing data from the phones of Pakistanis

A report published by SophosLabs has revealed that a small cluster of Trojanized Android apps is mainly marketed to Pakistani people.

0

The new Android spyware has been stealing sensitive data from the phones of Pakistani residents.
A report published by SophosLabs has revealed that a small cluster of Trojanized Android apps is mainly marketed to Pakistani people.

The modified apps look similar to their original counterparts and even perform their normal functions. However, they are designed to initially profile the phone and then download a payload in an Android Dalvik executable file.

The DEX payload comprises most of the malicious features and can covertly exfiltrate data like the user’s contact list and contents of SMS messages.

The selection of apps is very unusual, as they are neither the most popular nor strangely unique apps. There is no evidence that the original apps’ publishers are aware that these Trojanized versions even exist.

The highest-profile app Trojanized is the Pakistan Citizen Portal, published by the government of Pakistan. This version never reportedly appeared in any legitimate market.

Citizen’s portal app.

Other than the official Pakistan Citizen Portal app, modified versions of a Muslim prayer-clock app called Pakistan Salat Time was also found.

Muslim prayer clock app.

To avoid falling prey to such malicious applications, only install apps from trusted sources like Google Play. Developers of popular apps usually have a website, which directs the users to the original app. Users should verify if the apps were developed by their genuine developers.

What are your views on this? Share with us in the comments below.


Featured Content⭐


Most viewed in last 24 hours


24 گھنٹوں کے دوران 🔥


>