By entering your email and pushing continue, you are agreeing to Fox News’ Terms of Use and Privacy Policy, which includes our Notice of Financial Incentive. To access the content, check your email and follow the instructions provided.\n <\/div>\n
Having trouble? Click here.<\/footer>\n<\/div>\n<\/div>\n
You might think that downloading an app from the app store is safe and easy, right? Well, not always. Sometimes, you might actually end up with a nasty surprise: an app that is actually spyware hiding behind a fake name and icon.<\/p>\n
That\u2019s what the VajraSpy RAT does. It\u2019s a Trojan that targets Android devices and steals your data without you knowing. This is a real threat that has affected many Android users.<\/p>\n
Although VajraSpy has been removed from the Google Play Store, it’s still lurking out there on third-party app stores. Also, VajraSpy and the Patchwork APT group behind it are still active. They may attempt to infiltrate other platforms or modify their tactics to evade Google’s detection in the future.<\/p>\n
To protect yourself, here’s what you need to know about VajraSpy RAT, the cyber espionage tool that’s infiltrated Google Play on Android.<\/p>\n
CLICK TO GET KURT\u2019S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS AND EASY HOW-TO\u2019S TO MAKE YOU SMARTER<\/u><\/strong><\/p>\n\n
<\/source><\/source><\/source><\/source><\/picture><\/div>\n\n
\n
Illustration of a hacker<\/span> (Kurt “CyberGuy” Knutsson)<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\nWhat is cyber espionage tool VajraSpy RAT?<\/strong><\/h2>\nVajraSpy is a remote access Trojan (RAT)<\/u>, which is a type of malware that’s designed to allow an attacker to control an infected device remotely. To get the RAT on your devices, scammers need you to download it to your system. Once the RAT is running on a compromised system \u2014 in this case, your Android \u2014 the attacker can send commands to it and receive data back in response.<\/p>\n
MORE: HOW TO CHANGE YOUR PRIVACY SETTINGS ON YOUR ANDROID DEVICES<\/u><\/strong><\/p>\nWhat are some of cyber espionage tool VajraSpy’s capabilities?<\/strong><\/h2>\nSome of VajraSpy’s capabilities are accessing and taking your contacts, photos and messages. This even includes encrypted messages like those on WhatsApp. Also, searching and exfiltrating documents, images, audio and other types of files.<\/p>\n
In addition, it can listen in on and record your phone calls (if granted the appropriate permissions) and activate your device’s camera to take pictures, turning it into a surveillance tool.<\/p>\n
\n
<\/source><\/source><\/source><\/source><\/picture><\/div>\n\n
\n
A person on social media on their Android<\/span> (Kurt “CyberGuy” Knutsson)<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\nMORE: BEWARE OF NEW ANDROID MALWARE HIDING IN POPULAR APPS<\/u><\/strong><\/p>\nHow does cyber espionage tool VajraSpy\u00a0RAT get onto your Android device?<\/strong><\/h2>\nVajraSpy\u00a0gets onto an unsuspecting victim’s device via a malicious app. When the RAT was first discovered, it was on apps that were found on Google Play sometime between April 1, 2021, through Sept. 10, 2023.<\/p>\n
ESET researchers uncovered the campaign report in 2022 when Patchwork APT<\/u> \u2014 a hacking group primarily targeting people in Pakistan that’s been around since 2015 \u2014 exposed their campaign after unintentionally infecting their own infrastructure with another RAT they were experimenting with.<\/p>\n
When this was leaked and VajraSpy\u00a0was discovered, the infected apps on Google Play were taken down. But they can still be found in third-party apps, with some still getting through to Google Play anyway.<\/p>\n
What are the third-party apps?<\/strong><\/h2>\nVajraSpy\u00a0has been disguising itself primarily in news and messaging apps on Android. Some of the apps that researchers know about include:<\/p>\n
\nRafaqat \u0631\u0641\u0627\u0642\u062a<\/li>\n Privee Talk<\/li>\n Chit Chat<\/li>\n Hello Chat<\/li>\n YohooTalk<\/li>\n MeetMe<\/li>\n Let’s Chat<\/li>\n Quick Chat<\/li>\n TikTalk<\/li>\n Nidus<\/li>\n GlowChat<\/li>\n Wave Chat<\/li>\n<\/ul>\nGoogle Play Protect protects users by automatically removing apps known to contain this malware on Android devices with Google Play Services. However, it is important to note that Google Play Protect may not be enough. Historically, it isn’t 100% foolproof at removing all known malware from Android devices. If, for some reason, you still see these apps on your phone, be sure to manually uninstall them.<\/p>\n
How to uninstall apps on Android<\/strong><\/h2>\nSettings may vary depending on your Android phone\u2019s manufacturer.\u00a0<\/i><\/p>\n\nOpen the Settings app<\/strong><\/li>\nScroll down and select Apps<\/strong><\/li>\nTap on the app you want to delete and select Uninstall<\/strong><\/li>\nConfirm your choice by tapping OK<\/strong> or Uninstall<\/strong> again<\/li>\n<\/ul>\nHave good antivirus software on all your devices<\/strong><\/h2>\nWe also recommend going beyond Google Play Protect to keep yourself from having your data breached. As we all know, free is not always the way to go, especially when we are talking about antivirus protection. Keeping hackers out of your devices can be prevented if you have good antivirus software installed. Find my review of Best Antivirus Protection here<\/u>.<\/p>\nHow to keep yourself safe from cyber espionage tool VajraSpy\u00a0RAT and other Trojans<\/strong><\/h2>\nRemember, the bad guys behind VajraSpy\u00a0and similar malware perpetrators are pretty quick. They keep infecting new apps with this Trojan, so always keep an eye out by using the following tips:<\/p>\n
Tip #1<\/strong> – To avoid getting your Android infiltrated by VajraSpy\u00a0RAT, don’t download any apps that are recommended by someone you don’t know or don’t know well<\/strong>. And if the message does come from someone you know, always be a little skeptical, especially if you have never heard of the app.<\/p>\nTip #2<\/strong> – Make sure to only download apps from reputable app stores<\/strong> you’re familiar with, too. Keep in mind, though, that these bad actors are able to get new apps to slip through the cracks of Google Play time and time again. Therefore, it’s important to employ a mix of different strategies to keep yourself safe.<\/p>\nTip #3<\/strong> – One way to know whether or not an app is safe is by looking at how many downloads it has<\/strong>. If it has a small number of downloads, chances are it could be a scam. Also, look at how many reviews<\/strong> it has and what those reviews are and do a quick check to see if someone mentioned it as a scam or not. A good rule of thumb is if you don’t need it, and you’re not sure, don’t download it.<\/p>\nThe good news is that compared to other spyware apps, VajraSpy\u00a0hasn’t been that successful. We know this by looking at the amount of downloads\/installations of the apps it disguises itself as. That being said, those third-party app stores where you can still find a lot of these malicious apps don’t track downloads well, so it’s hard to know how many victims fell for VajraSpy there.<\/p>\n
\n
<\/source><\/source><\/source><\/source><\/picture><\/div>\n\n
\n
A man on his Android phone<\/span> (Kurt “CyberGuy” Knutsson)<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\nMORE: BEWARE OF THIS MCAFEE GOOGLE CHROME AD SCAM<\/u><\/strong><\/p>\nKurt’s key takeaways<\/strong><\/h2>\nThough there are much bigger scams to be concerned with, letting your guard down could make you more vulnerable to attacks like this cyber espionage tool called VajraSpy\u00a0RAT. To protect your Android and your data, just remember to be cautious if you see an invitation to download a messaging app from someone you don’t know well. Also, invest in antivirus software to protect your Android.<\/p>\n
Have you ever received a strange message that asked you to download an app? What happened? Let us know by writing us at <\/strong>Cyberguy.com\/Contact<\/u><\/strong>.<\/u><\/strong><\/p>\n For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com\/Newsletter<\/u><\/strong>.<\/u><\/strong><\/p>\n Ask Kurt a question or let us know what stories you’d like us to cover<\/u>.<\/u><\/p>\n
Answers to the most asked CyberGuy questions:<\/p>\n
Copyright 2024 CyberGuy.com.\u00a0All rights reserved.<\/i><\/p>\n<\/div>\n[ad_2]\n","protected":false},"excerpt":{"rendered":"
[ad_1] Join Fox News for access to this content Plus special access to select articles and other premium content with your account – free of charge. Please enter a valid email address. By entering your email and pushing continue, you are agreeing to Fox News’ Terms of Use and Privacy Policy, which includes our Notice …<\/p>\n","protected":false},"author":1,"featured_media":29209,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"_links":{"self":[{"href":"https:\/\/farratanews.online\/wp-json\/wp\/v2\/posts\/29207"}],"collection":[{"href":"https:\/\/farratanews.online\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/farratanews.online\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/farratanews.online\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/farratanews.online\/wp-json\/wp\/v2\/comments?post=29207"}],"version-history":[{"count":0,"href":"https:\/\/farratanews.online\/wp-json\/wp\/v2\/posts\/29207\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/farratanews.online\/wp-json\/wp\/v2\/media\/29209"}],"wp:attachment":[{"href":"https:\/\/farratanews.online\/wp-json\/wp\/v2\/media?parent=29207"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/farratanews.online\/wp-json\/wp\/v2\/categories?post=29207"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/farratanews.online\/wp-json\/wp\/v2\/tags?post=29207"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}