Whatsap and Facebook users have been warned over an android app, which could steal your private texts. A special breed of communications- stealing malware has been attacking the Google play store according to cyber researchers at Cyfirma. The malware exhibits similar operational mechanisms to those previously identified but this bug has more permissions and presents more of a threat according to the company. The apps successfully deceives its users and allows the thereat actor to extract necessary information before the victim realizes it is a dummy. While the app has since been removed from the Playstore, it will remain on your Android if you downloaded it beforehand. In this case, you’ll have to delete the app, ironically called Safechat manually. The Indian hacking group known as “Bahamas” is thought to have injected the app with spyware, which steals texts, call logs and GPS locations from Phones.  The hacking circle has been active since 2017 and has targeted a wide range of platforms, including iOS, Android, and windows according to Cyfirma.

Last year, the group was linked to suing fake VPN apps for Androids services, which were designed to extract sensitive user data and actively spy on victims’ messaging apps such as Whatsapp, Facebook Messenger, Signal, Viber and Telegram.

ESET researchers reportedly found at least eight versions of the Bahamut spyware, which they said could mean the campaign is well maintained. The malicious apps were never available for download from Google play. The report warned ‘if the Bahamut spyware is enabled, then it can be remotely controlled by Bahamut operators and can exfiltrate various sensitive device data, such as contacts, SMS messages, call logs, a list of installed apps, device location, device accounts.

This software can also uncover device information, such as the type of internet connection, IP address or SIM serial number.

Tech experts at Cyfirma have not revealed how hackers lured people into downloading SafeChat. Cyber experts suspect Bahamut to have been working on behalf of a specific state government in India. But a common method is by suggesting to move a conversation to a ‘more secure platform, according to bleepingComputer. Experts at Cyfirma said Bahamut targets phones specifically in the South Asia region, but the app could have been downloaded by anyone in the world, putting more Android users at risk.

credits: MailOnline