Cybersecurity researchers from ESET found a handful of malicious Android apps that were spying on people and stealing sensitive information from their mobile devices.
In a press release shared with TechRadar Pro earlier this week, the researchers said that a new threat actor group, which they dubbed Virtual Invaders, was active from late 2021.
They created a number of Android apps, posing as communications products, which also came with the open-source XploitSPY malware. They called the campaign “eXotic Visit.”
Low download count
On the surface, the apps worked as intended, offering rudimentary communications services. However, behind the curtains lies malware that extracted people’s contact lists and files, the device’s GPS locations, file names listed in specific directories…
Source link
