Taking advantage of WhatsApp’s huge global user base and popularity, cybercriminals are now constantly trying to commit fraud. It is heard that there are many attempts to fool the common people – sometimes in the name of a company, sometimes by fake call-messages and sometimes by some tempting offers. Hackers have found a new way to keep WhatsApp users on their radar, though not directly this time. It has recently been reported that a spyware-powered Android app named ‘SafeChat’ is being used to infect multiple devices. So if you are using both Android smartphone and WhatsApp then you need to be careful now. Because this malicious software called SafeChat steals data of WhatsApp users as well as other sensitive information including call logs, text messages and GPS location from phones.
SafeChat is a big risk for the people of India
The SafeChat spyware is suspected to be a variant of ‘Coverlm’, a malware that targets messaging apps like Facebook Messenger, Telegram, Signal and WhatsApp. According to CYFIRMA researchers, an Indian APT hacking group named ‘Bahamut’ is spreading this malware. Their recent cyber attack primarily targeted WhatsApp users with spear-phishing messages that directly present malicious payloads. It should be noted that attempts have been made before to trap ordinary people with spyware in the same manner as Bahamut, i.e. fake chat apps. But this time it is feared that the danger to the people of India and South Asia is more. Note that it grabs all the necessary details before the user realizes it.
How does SafeChat steal data?
According to reports, the hackers fool the victim into installing it as a genuine chat app, and once the app is installed, it asks for permission to use accessibility services. It automatically gets access to data like victim’s contact list, SMS, call logs, external device storage and GPS location as soon as permission is granted. It even asks to keep battery optimization option off. In this case, when a user turns on/off various options of the app, it interacts with other pre-installed chat apps and steals data like chats, media files and sends it to other servers (read hackers).
What to do to be safe?
Cyber attacks are nothing new these days, but always beware of such incidents and malware. To avoid danger in this case –
1. Only install apps from official app stores or trusted sources like Google Play Store.
2. Check App Permissions to see which mobile apps are accessing your data or permissions unnecessarily.
3. Also, regularly update your Android device with the latest software and security patches.
4. Keep a trusted antivirus or security app installed to scan the device regularly.