Hackers steal Signal, Whatsapp user data with fake Android chat app

Note: The information about the fake Android chat app presented here is a reflection of IANS and has nothing to do with the website informing you about it.

Through Whatsapp chats, everything can be passed on including the link to other apps. When you register with these apps you will find a new chat interface. Before you know it, your valuable information is already stolen from you. How would you feel in such scenarios?

Hackers are everywhere and what’s interesting is the way they evolve each time the world thought they know enough about hacking. This time they have created a fake Android chatting app, iOS users are immune from it.

This fake Android chat app, SafeChat aims at South Asians and it includes Indians. According to the cyber security firm Cyfirma, malware meant for advanced Android devices is targeting these users. The initial analysis of Cyfirma revealed APT Bahamut is behind it.

Also Read: Now AI dating app replacing ‘genuine human interaction

Earlier APT Bahamut had targeted all Khalistani supporters as they want a different country for themselves. The app also targeted military installations in Pakistan and also Kashmir individuals.

It was pointed out that this particular app serves as a variant of Coverlm. With the help of such an app, they have previously stolen data from Whatsapp, Facebook Messenger, Signal, Telegram, and even Viber.

Now, it was found this particular messaging platform is more dangerous than the previous Coverlm. Even the notoriety of another social messaging app, DoNot is similar, and that too was provided via the Google Playstore.

How does fake Android chat app, SafeChat work?

SafeChat starts the installation process when one clicks on the link sent to them. Once installed, SafeChat will display itself on the main menu. Once a user opens the app, they would be convinced that they are using a secure messaging system.

Also Read: Threads lost half of its users, according to Meta chief Zuckerberg

Next, you are asked for permissions and then once these permissions are given your system is totally under a hacker’s control. The Cyfirma team confirms the API group to be operating within the Indian Territory.

The only way to prevent falling prey to this hacking instrument is to not engage with it. Whenever someone gets this kind of suspicious app downloading information, you need to immediately delete the link from your end so that even by mistake, you don’t fall prey to it.

The user interface will help users believe, they are authentic. It is to put people’s anxiety at ease when they share all the data. Read this article to understand how it operates so that you are not fooled by it ever.