Android users warned to delete 3 malicious apps

Android device owners are advised to remove three apps that ESET cyber security experts have identified as dangerous.

The apps, Dink Messenger, Sim Info, and Defcom, are reportedly embedded with the XploitSPY malware, which poses significant risks to users' personal and banking information.

This warning follows a discovery by ESET researchers, who have determined that these clone apps are part of a broader malicious campaign primarily targeting users in India and Pakistan since November 2021.

However, the threat is global, as the apps are available on the Google Play Store and could affect any user who downloads them.

"The apps are designed to extract vital information such as contact lists, files, and even the device’s GPS location," said one ESET researcher.

They further elaborated that the apps use a native library to camouflage the malware's command-and-control server addresses, thus evading detection by standard security tools.

In addition to the three primary apps, ESET has identified 10 other applications that share the underlying malicious code with XploitSPY.

Since then, Google has reported all identified apps and taken steps to remove them from the Play Store.

Android users are advised to immediately check their devices for these apps and uninstall them if they find them. To remove an app, users can navigate to the Google Play Store, tap on the Profile icon, select 'Manage apps and devices,' choose the app in question, and tap 'Uninstall.'

Source: Newsroom