VajraSpy is a powerful and dangerous privacy and banking Trojan that has been found in 12 infected Android apps, 6 of which have been published on the Play Store.
February opened with New malware alertbecause a new group of 12 infected Android applications From a dangerous virus: mouse (Remote access trojan) named VajraSpy. The cybersecurity company made the discovery ESETwhich develops and distributes antivirus software of the same name.
Like most RAT programs, so is VajraSpy Very dangerous Because he is capable of it Spy on your phone accurately From the victim. As unfortunately often happens, some of these applications were also published on… Google Play Store Which, in theory, should be secure thanks to the checks performed before publication.
What applications are infected?
All 12 infected apps Application in chatwhich they imitate in a rather blatant manner WhatsApp Or Chinese WeChat. However, behind the appearance, there is nothing of what is necessary today in a chat application: no privacy, no encryption of messages, but instead of these functions, Dangerous virus. The affected applications are the following:
- private conversation
- meet me
- let's talk
- Quick chat
- Chit chat
- Tik Tok
- Hello chat
- Wave chat
Why VajraSpy is dangerous
VajraSpy that it Trojan already known For some time, ESET itself discovered another app in January 2023, called Companions, which contained it. Other reports date back to 2022.
It is a RAT, and therefore a Remotely controlled Trojan. When the phone is infected, VajraSpy is a tool Complete espionage And very effective. It can actually access your address book, steal contacts, read SMS and notifications (including those with i Codes to allow bank transfers), take photos and record videos without the user knowing.
In some of its versions VajraSpy enables to do this Read WhatsApp conversations And that of Signal, so its capabilities to spy on the user are complete and very powerful, and therefore dangerous.
Hence VajraSpy can be used for both Spy purposes Which, trivial, for Stealing money from victims: Once malware is able to read notifications, in fact, it can be used with other malicious code to also allow payment and transfer of money from the victim's account, without his knowledge.
How to defend yourself from VajraSpy
The 12 apps discovered by ESET are part of an infection campaign that the cybersecurity company attributes to A Collective hacker Mainly working in Pakistan H Indiaas the Trojan will currently be used primarily for Spying on public figures.
However, the fact is that the hackers managed to get by just fine 6 infected apps in Play Store It tells us that we have to be very careful Also in EuropeBecause it is also possible that someone downloads it from Italy or other European countries.
In fact, more often than not, hacker groups use European users to do this Earn coins and collect moneyIt is then used to finance its core activities elsewhere.
As we saw, VajraSpy It can also be used for this purpose, therefore, Very likely His attendance will be registered within a few months Also on our continentinside some other infected applications.
the Prevention measuresTaking into account that we still do not know how and when VajraSpy will be distributed in Europe, it is classic and relies on a very cautious attitude: Every installed applicationeven if it comes from the Play Store, It is a potential danger.
Only the most popular apps are reasonably safe, so it's always a good idea to download them Only absolutely necessary applications Avoid downloading unknown and questionable reliability apps.
Finally, before downloading any app, you should always read the app list Permissions required by the application. No virus can spy on us if we do not first give its application permission to access our contacts, SMS, camera, microphone and location.
“Incurable internet trailblazer. Troublemaker. Explorer. Professional pop culture nerd.”