Jakarta, IndonesiaSentinel.com — Researchers from ESET have discovered several dangerous apps on Android devices that can access users’ financial information. The apps in question—Dink Messenger, Info Sim, and Defcom—are reported to deliver malware directly to users’ phones.
According to ESET’s cybersecurity team, these apps use advanced techniques to deploy malware. The malware, known as XploitSPY, can extract contact lists, GPS location, and filenames from directories related to camera, downloads, and messaging apps like Telegram and WhatsApp.
“Apps containing XploitSPY are capable of retrieving sensitive data, including contact lists and GPS locations, as well as details from specific directories,” ESET’s researchers told Yahoo News on Sunday, August 25, 2024.
The malware also employs native libraries, which are typically used by Android developers to enhance app performance and system feature access. However, for cybercriminals, these libraries can store sensitive information such as the address of the command and control server, complicating the analysis for security tools.
Ransomware Victims Pay $450 Million in Early 2024
In addition to accessing financial information, the malware collects other data from the device, including contact lists and GPS information.
Reports indicate that most victims of this malware are located in India and Pakistan. Users who still have these three apps installed are advised to remove them immediately from their devices.
How to Remove the Apps:
- Open the Google Play Store app.
- Tap on the Profile icon and select “Manage Apps and Devices.”
- Search for the app you wish to uninstall.
- Click the “Uninstall” button to remove the app from your device.
(Ray)