"Google Play Used to Spread 'Patchwork' APT's Espionage Apps"

Patchwork, an Indian Advanced Persistent Threat (APT) group known for its targeted spear phishing cyberattacks on Pakistanis, has been using Google Play to distribute six different Android espionage apps masquerading as legitimate messaging and news services. They include a newly discovered Remote Access Trojan (RAT) called VajraSpy. ESET researchers who discovered the campaign found that the VjjaraSpy RAT intercepts calls, SMS messages, files, contacts, and other data. They can also extract WhatsApp and Signal messages, record phone calls, and take pictures. The researchers discovered that the RAT apps were downloaded from the Google Play store over 1,400 times. This article continues to discuss the Patchwork APT and its use of Google Play.

Dark Reading reports "Google Play Used to Spread 'Patchwork' APT's Espionage Apps"

Submitted by grigby1

Submitted by Gregory Rigby on