WhatsApp, Messenger, Signal, Telegram: this fake Android app steals all your conversations

A chat program named SafeChat, which has been widely used in Southeast Asia, is essentially malware that steals all the data included in similar applications like WhatsApp, Telegram, and Facebook Messenger.

Malware on Android is an unending battleground. Every time Google improves user protection, hackers discover a method to circumvent it. They are no longer able to broadcast their infected software from the Play Store. Not a problem; they will instantly message you a download link. The cybersecurity company FERMA has found this. The Indian hacking collective known as Bahamut started a significant campaign across Southeast Asia.

They provide a link to download SafeChat, a purportedly more secure chat app, in a WhatsApp conversation. After installation, a screen that asks to be excluded from Android’s battery optimization mechanism, which halts background operations, opens. Since it activates a messaging service that has the ability to postpone or stop message delivery, it appears to be authentic. After creating an account, the victim must provide access to the accessibility features. The pirates then sped away on the mobile.

Fake SafeChat app steals secure Android messaging data

The virus employed is identical to Coverlm, which the Bahamut organization has previously utilized. The malicious program accesses and downloads the GPS data, the directory, the external memory, the SMS, and the call log before the user realizes the deceit. But that’s not all; he also uses other, secure messaging apps that are loaded on the phone. Telegram, Signal, WhatsApp, and Messenger are not secure.

The pirates are then supplied with all the information gathered. The threat appears to be limited to South-East Asia at the time, but it is not assured that it does not expand beyond that region. Keep in mind that you must exercise great caution when installing Android apps from sources other than the official Google Play Store, particularly if you weren’t the one to initiate the procedure.

Related posts

GTA 6 is guaranteed to launch on time, Take-Two quashes delay rumors

Be wary of SteelFox malware attacking Windows using a copyright-cracking tool

Apple chose Foxconn and Lenovo to develop an AI server based on Apple Silicon