ESET discovers a chat app spying on users and leaking stolen data

ESET researchers have discovered a new operation within a long-running cyber-espionage campaign in the Middle East, apparently with links to the threat actor group known as Gaza Hackers, or Molerats. Instrumental in the operation is an Android app, Welcome Chat, which serves as spyware while also delivering the promised chatting functionality. The malicious website promoting … More ESET discovers a chat app spying on users and leaking stolen data

Android keyboard app caught red‑handed trying to make sneaky purchases

The virtual keyboard app ai.type, which has racked up 40 million downloads, has been found to sign up users to premium services without their consent. The Android version of the popular virtual keyboard app ai.type has attempted to make over 14 million unauthorized transactions that could have cost the users US$18 million in unwanted charges, … More Android keyboard app caught red‑handed trying to make sneaky purchases

Tracking down the developer of Android adware affecting millions of users

ESET researchers discovered a year-long adware campaign on Google Play and tracked down its operator. The apps involved, installed eight million times, use several tricks for stealth and persistence. We detected a large adware campaign running for about a year, with the involved apps installed eight million times from Google Play alone. We identified 42 … More Tracking down the developer of Android adware affecting millions of users

First‑of‑its‑kind spyware sneaks into Google Play

ESET analysis breaks down the first known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice. ESET researchers have discovered the first known spyware that is built on the foundations of AhMyth open-source malware and has circumvented Google’s app-vetting process. The malicious app, called Radio Balouch … More First‑of‑its‑kind spyware sneaks into Google Play

Facebook hits two app developers with lawsuit

The legal action, brought over alleged click injection fraud, is said to be among the first of its kind. Facebook announced this week that it is suing two Asia-based Android app developers over alleged ad fraud. The social network alleges that LionMobi, based in Hong Kong, and JediMobi, based in Singapore, made apps available on the Google … More Facebook hits two app developers with lawsuit