BEWARE! 5 trojanized Android apps found spying on Pakistanis
Share
ISLAMABAD – Cyber security researchers have found five trojanized versions of legitimate Android apps that carry out covert surveillance and espionage targeting users in Pakistan.
Designed to masquerade apps such as the Pakistan Citizen Portal, Pakistan Salat Time, Mobile Packages Pakistan, Registered SIMs Checker, and TPL Insurance, the malicious variants have been found to obfuscate their operations to stealthily download a payload in the form of an Android Dalvik executable (DEX) file.
"The DEX payload contains most of the malicious features, which include the ability to covertly exfiltrate sensitive data like the user's contact list and the full contents of SMS messages,” Sophos threat researchers Pankaj Kohli and Andrew Brandt said. "The app then sends this information to one of a small number of command-and-control websites hosted on servers located in Eastern Europe."
NEW Android spyware targets users in Pakistan 📲
— SophosLabs (@SophosLabs) January 12, 2021
The apps seem focused on stealing sensitive data from the phones of Pakistani residents...
1/13 pic.twitter.com/t8w2KqoeGh
The fake version of the Pakistan Citizen Portal was also earlier prominently displayed as an image on the Trading Corporation of Pakistan (TCP) website, potentially in an attempt to lure unsuspecting users into downloading the malware-laced app that also transmits sensitive information such as users' computerised national identity card numbers, passport details, and the username and password for Facebook and other accounts.
Sophos researchers also discovered an app called Pakistan Chat that didn't have a benign analogue distributed via the Google Play Store. But the app was found to leverage the API of a legitimate chat service, ChatGum. Once installed, the app requests permissions that allow it to gather personal data on the victim's device including detailed profile information about the phone, location information, contact lists, SMS contents, call logs, and the full directory listing of internal as well as SD card storage.
Pakistan's IT ministry 'monitoring' WhatsApp ... 07:53 PM | 13 Jan, 2021ISLAMABAD – The Pakistani government says it is monitoring the current developments and clarifications provided ...
- What is the right age of paddy nursery to transfer?03:14 PM | 2 Jul, 2022
- Cotton crop care during monsoon05:45 PM | 28 Jun, 2022
- Rooftop agriculture07:25 PM | 25 Jun, 2022
- Paddy directly from seed cultivation method05:56 AM | 22 Jun, 2022
- Bio-fertilizers | benefits and usage04:55 PM | 18 Jun, 2022
- Mahira Khan, Fahad Mustafa dance their hearts out as they promote ...12:21 AM | 6 Jul, 2022
- Films releasing in Pakistan on Eidul Adha 202211:51 PM | 5 Jul, 2022
- Defiant Pakistani journalist Imran Riaz Khan arrested (VIDEO)11:29 PM | 5 Jul, 2022
- Pakistan golfers shine in international event10:47 PM | 5 Jul, 2022
- Pakistani celebrities who are performing Hajj 202210:16 PM | 5 Jul, 2022
- Most-followed TikToker is a practicing Muslim and ‘Hafiz-e-Quran’09:40 PM | 5 Jul, 2022
- Films releasing in Pakistan on Eidul Adha 202211:51 PM | 5 Jul, 2022
- Ahmed Ali Butt’s new video with Mahira Khan and Fahad Mustafa wins ...07:10 PM | 5 Jul, 2022
- Pakistani celebrities who are performing Hajj 202210:16 PM | 5 Jul, 2022
- Films releasing in Pakistan on Eidul Adha 202211:51 PM | 5 Jul, 2022
- Pakistan’s largest city Karachi still among world’s least ...06:26 PM | 23 Jun, 2022
- 42 Pakistani universities make it to Times Higher Education Asia ...07:52 PM | 1 Jun, 2022
