Hackers target Android users by downloading “malicious” applications

Information security researchers discover software used for hacking by tricking victims into downloading a malicious Android app.

  • A group of programs added to the electronic piracy list

Researchers in the field of information security discovered that the hacking group (StrongPity APT) is publishing a fake application for the chat service (Shagle).

It is noteworthy that (Shagle) is a random video chat platform that allows strangers to talk to each other through an encrypted communication channel, and the platform is entirely on the web, and it has no application on mobile devices.

Researchers discovered that since 2021, the StrongPity group has been using a fake website that impersonates the actual Shagle site to trick victims into downloading a malicious Android app.

This application enables hackers, once installed, to spy on targeted victims, including: monitoring phone calls, collecting SMS messages, and seizing contact lists.

The (StrongPity) group, also known as (Promethium) or (APT-C-41), is attributed to previous campaigns in which it published a Trojan version of the (Notepad++) application, and malicious copies of (WinRAR) and (TrueCrypt) applications, in order to infect Targets of malware.

Leave a Replay