Three apps that are now very dangerous to delete from your Android device are Dink Messenger, SIM Info and Defcom.
If you find any of them on your phone, delete them immediately. Next, you will need to check the security of your device and monitor your accounts. It’s also a good idea to change your bank account and email passwords, and make sure multi-factor authentication (MFA) is enabled.
As a reminder, AMF (or MFA in English) uses verification processes that require at least two different authentication factors; for example, the first one is on your personal computer and the second one is on your smartphone.
ESET
Three applications containing the same XsploitSPY malware
These three dangerous apps have just been discovered to contain malware that was openly advertised on the Internet. It steals your messages and banking credentials on infected Android phones.
Android users should be wary of apps that claim to provide interfaces with popular messaging platforms. The latest trio of apps were found to contain the well-established open-source XsploitSPY malware.
Removed from Google Play Store.
ESET says the XsploitSPY infection is limited to Asia, but may well spread to Android users wherever they are.
“This active and targeted Android spying campaign began in late 2021 and primarily masquerades as messaging apps distributed on dedicated websites and Google Play,” ESET said.
Google Play Protection
Malicious apps have been removed from Google Play, but this does not mean they will no longer be available on devices or in third-party stores.
Android users should make sure they have Google Play Protect as extra protection against Play Store apps that have passed through the popular app store’s filters or been downloaded elsewhere.
With Google Play Protect enabled by default on Android devices with Google Play Services, users are automatically protected from known versions of malware. Google Play Protect can warn users or block apps that are known to behave maliciously, even if those apps come from sources outside the Google Play platform.
ESET
Complex but targeted espionage
XsploitSPY malware offers an extensive set of malicious capabilities, including GPS recording, microphone recording, camera access, SMS access, clipboard recording, and message notification interception. Something no one wants on their device.
The main motivation behind the campaigns surrounding this malware is to steal identities from banking and other financial applications into empty accounts. But the limited and specific nature of this particular campaign looks more like targeted espionage.
Before downloading so-called popular but little-known apps, be careful, they may be designed to trick users into believing they are safe.
Related Posts
The world’s smallest brain implant is here, and it could revolutionize medicine!
Spring offer (-58%) on NordVPN
