Researchers have discovered an active espionage campaign 'eXotic Visit', targeting Android users via fake messaging apps that are distributed through dedicated websites and Google Play, a new report said on Wednesday.
According to ESET Research, the campaign appears to primarily target a select group of Android users in India and Pakistan.
The researchers have tracked the eXotic Visit campaign's activities from November 2021 through to the end of 2023.
While the downloaded apps provide legitimate functionality, they come bundled with open-source XploitSPY malware.
"Apps that contain XploitSPY can extract contact lists and files, the device's GPS location, and the names of files listed in specific directories related to the camera, downloads, and various messaging apps such as Telegram and WhatsApp," the researchers said.
"The malware also uses a native library, which is often used in Android app development for improving performance and accessing system features. However, in this case, the library is used to hide sensitive information, like the addresses of the C&C servers, making it harder for security tools to analyze the app," they added.
Apps like Dink Messenger, Sim Info, and Defcom were taken down from Google Play.
Moreover, the report identified ten additional apps that contain code that was based on XploitSPY and shared its findings with Google. Following that, the apps were removed from the store.
Overall, around 380 victims have downloaded the apps from websites and Google Play store and created accounts to use their messaging functionality, the report said.
(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)
Featured Video Of The Day
Decoding Bihari Slangs With Gurmeet Choudhary
Google Play Store Will Soon Showcase a New Space for Apps to Show Content-Led Experiences: Report Samsung Good Lock App Reportedly Available on Google Play Store in Early Access Microsoft Finds Major Security Flaw ‘Dirty Stream’ in Android Apps Totalling Billions of Downloads Amid Huge Row, Karnataka Pauses Bill For Reservation In Private Sector Firms Travel Influencer Aanvi Kamdar Dies After Falling Off A Waterfall Near Mumbai UP Banker Dies By Suicide After 6 Months Of Bullying, Body-Shaming Major Crackdown Launched On Terror Network In J&K After Doda Encounter UK's New Government Vows To Remove 92 Unelected Peers From Upper House EU's Carbon Tax Could Cost India 0.05% Of GDP: Report Track Latest News Live on NDTV.com and get news updates from India and around the world.