"Google Play Used to Spread 'Patchwork' APT's Espionage Apps"
"Google Play Used to Spread 'Patchwork' APT's Espionage Apps"
Patchwork, an Indian Advanced Persistent Threat (APT) group known for its targeted spear phishing cyberattacks on Pakistanis, has been using Google Play to distribute six different Android espionage apps masquerading as legitimate messaging and news services. They include a newly discovered Remote Access Trojan (RAT) called VajraSpy. ESET researchers who discovered the campaign found that the VjjaraSpy RAT intercepts calls, SMS messages, files, contacts, and other data. They can also extract WhatsApp and Signal messages, record phone calls, and take pictures.