Social Media

Hackers stealing WhatsApp users’ data in India via fake Android chat app

Hackers are using a fake Android chatting app called 'SafeChat' to steal data from targeted individuals in South Asia, including India, via malicious payload delivered directly through WhatsApp chat.

Photo of Mohammed Yousuf Mohammed Yousuf1 August 2023 - 11:14
munsif news 24x7 website placeholder featured image Hackers stealing WhatsApp users' data in India via fake Android chat app

Join WhatsApp

Folow Facebook

Subscribe YouTube

Follow Instagram

New Delhi: Hackers are using a fake Android chatting app called ‘SafeChat’ to steal data from targeted individuals in South Asia, including India, via malicious payload delivered directly through WhatsApp chat.

Cyber-security firm Cyfirma obtained advanced Android malware targeting individuals in the South Asia region. The suspicious Android malware is a dummy chatting app.

“Our initial technical analyses revealed that APT Bahamut is behind the attack. The nature of this attack, along with previous incidents involving APT Bahamut, possibly indicate that it was carried out to serve the interests of one nation-state government,” the report noted.

Notably, APT Bahamut has previously targeted Khalistan supporters, advocating for a separate nation, posing an external threat to India.

“The threat actor has also aimed at military establishments in Pakistan and individuals in Kashmir, all aligning with the interests of one nation state government,” the security researchers indicated.

The Android spyware is suspected to be a variant of “Coverlm,” which steals data from communication apps such as Telegram, Signal, WhatsApp, Viber, and Facebook Messenger.

This particular malware exhibits a similar operational mechanism to the previously identified malware (distributed through the Google Play Store by the notorious APT group known as ‘DoNot’).

However, the new malware has more permissions, and thus presents a higher level of threat.

After installation, a suspected app with the name “Safe Chat” appears on the main menu. After opening the app, the user is shown a landing page where the user is notified of operating a secure chatting app.

Upon opening the app, after fresh installation, the pop-up message instructs the user to allow permission, and the hackers’ game begins.

The user interface of this app successfully deceives users into believing its authenticity, allowing the threat actor to extract all the necessary information, before the victim realises that the app is a dummy.

The Cyfirma team said that based on past and present targets, it strongly suggests that the APT group operates within Indian territory.

Photo of Mohammed Yousuf Mohammed Yousuf1 August 2023 - 11:14
Photo of Mohammed Yousuf

Mohammed Yousuf

Mohammad Yousuf is an accomplished Content Editor with extensive experience in covering local, national, international, and sports news. Known for his sharp analytical skills and compelling storytelling, he has collaborated with leading media houses and earned recognition for his investigative content editing and insightful analysis of current events, trending topics, and breaking news. Yousuf brings deep knowledge of political and international affairs and a passion for delivering accurate and engaging sports coverage. His dedication to content integrity continues to strengthen Munsif News 24x7’s reputation for credibility.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button