Android device owners are advised to remove three apps identified as dangerous by ESET’s cyber security experts.
The apps, Dink Messenger, Sim Info and Defcom, are allegedly embedded with the XploitSPY malware, which poses a significant risk to users’ personal and banking information.
This warning follows the discovery by ESET researchers, who determined that these cloned apps are part of a wider malicious campaign primarily targeting users in India and Pakistan since November 2021.
However, the threat is global because the apps are available on the Google Play store and can affect any user who downloads them.
“The apps are designed to extract vital information such as contact lists, files and even the device’s GPS location,” said one ESET researcher.
They further explained that the applications use the native library to camouflage the addresses of the malware’s command and control servers, thereby avoiding detection by standard security tools.
In addition to the three primary applications, ESET has identified 10 other applications that share the underlying malicious code with XploitSPY.
Google has since reported all the identified apps and taken steps to remove them from the Play Store.
Android users are advised to immediately check their devices for these apps and uninstall them if found. To remove an app, users can go to the Google Play Store, tap the profile icon, select “Manage apps and devices,” select the app in question, and tap “Uninstall.”
Source: Editorial office