BEWARE! 5 trojanized Android apps found spying on Pakistanis
Share
ISLAMABAD – Cyber security researchers have found five trojanized versions of legitimate Android apps that carry out covert surveillance and espionage targeting users in Pakistan.
Designed to masquerade apps such as the Pakistan Citizen Portal, Pakistan Salat Time, Mobile Packages Pakistan, Registered SIMs Checker, and TPL Insurance, the malicious variants have been found to obfuscate their operations to stealthily download a payload in the form of an Android Dalvik executable (DEX) file.
"The DEX payload contains most of the malicious features, which include the ability to covertly exfiltrate sensitive data like the user's contact list and the full contents of SMS messages,” Sophos threat researchers Pankaj Kohli and Andrew Brandt said. "The app then sends this information to one of a small number of command-and-control websites hosted on servers located in Eastern Europe."
NEW Android spyware targets users in Pakistan 📲
— SophosLabs (@SophosLabs) January 12, 2021
The apps seem focused on stealing sensitive data from the phones of Pakistani residents...
1/13 pic.twitter.com/t8w2KqoeGh
The fake version of the Pakistan Citizen Portal was also earlier prominently displayed as an image on the Trading Corporation of Pakistan (TCP) website, potentially in an attempt to lure unsuspecting users into downloading the malware-laced app that also transmits sensitive information such as users' computerised national identity card numbers, passport details, and the username and password for Facebook and other accounts.
Sophos researchers also discovered an app called Pakistan Chat that didn't have a benign analogue distributed via the Google Play Store. But the app was found to leverage the API of a legitimate chat service, ChatGum. Once installed, the app requests permissions that allow it to gather personal data on the victim's device including detailed profile information about the phone, location information, contact lists, SMS contents, call logs, and the full directory listing of internal as well as SD card storage.
Pakistan's IT ministry 'monitoring' WhatsApp ... 07:53 PM | 13 Jan, 2021ISLAMABAD – The Pakistani government says it is monitoring the current developments and clarifications provided ...
- #TractorParade – Clashes break out as Indian farmers begin massive ...01:04 PM | 26 Jan, 2021
- Man shot in leg for resisting robbery bid in Karachi (VIDEO)12:23 PM | 26 Jan, 2021
- Indian extremist outfit Karni Sena announces award of Rs 1 crore for ...11:50 AM | 26 Jan, 2021
- Rawalpindi court sentences couple to death for sexually assaulting, ...11:21 AM | 26 Jan, 2021
- Hareem Farooq copies Shah Rukh Khan in her recent Instagram post11:06 AM | 26 Jan, 2021
- Hareem Farooq copies Shah Rukh Khan in her recent Instagram post11:06 AM | 26 Jan, 2021
- Twitter mourns as the 'Guinness World Record' holder poet Rehan Azmi ...09:38 AM | 26 Jan, 2021
- Ali Abbas contracts coronavirus10:07 PM | 25 Jan, 2021
- Hollywood's top female celebs who lift weights to stay fit02:36 PM | 22 Jan, 2021
- Here's how world leaders responded to Biden's inauguration as POTUS07:24 PM | 21 Jan, 2021
- Stars who turned down plastic surgery07:32 PM | 17 Jan, 2021
- Stars who dated in the past11:38 PM | 5 Jan, 2021
