Android users in the United Arab Emirates have been subjected to a pair of spyware campaigns involving counterfeit versions of the Signal and ToTok messaging apps, according to The Hacker News.Fake websites purporting to be Signal and ToTok have been leveraged to facilitate the distribution of illicit APKs for Signal Encryption Plugin and ToTok Pro as part of the ProSpy campaign, which has been underway since last year, a report from ESET revealed.Downloading the apps prompts permissions for contact, SMS, and file access, resulting in eventual device data theft. On the other hand, the ToSpy campaign, which has been ongoing since 2022, involved the use of a fraudulent Samsung Galaxy Store site, as well as Huawei's AppGallery."Users should remain vigilant when downloading apps from unofficial sources and avoid enabling installation from unknown origins, as well as when installing apps or add-ons outside of official app stores, especially those claiming to enhance trusted services," said ESET researchers.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds





