Crime

Pakistan-linked hackers using these three apps as spywares to target Android users in INDIA

A Pakistan-linked hacker group named ‘Transparent Tribe’ is using fake Android apps and mimicking YouTube to spread the CapraRAT mobile remote access trojan (RAT).

Transparent Tribe also known as APT36. They target Indian entities for intelligence-gathering purposes, relying on an arsenal of tools capable of infiltrating Windows, Linux, and Android systems. According to PCrisk, CapraRAT is the name of an Android remote access that’s been active since 2013 and typically targets military and diplomatic personnel in both India and Pakistan. It is known that CapraRAT is used by an advanced persistent threat group (ATP) called APT36.

CapraRAT Doing RAT Things

Two of the packages aim to trick users and make them download what they think is the legitimate YouTube app, and a third uses romance-based social engineering by reaching out to a YouTube channel belonging to a persona called “Piya Sharma,” which includes uploads of several short clips of a woman in various locations. In a campaign earlier this year, the group also distributed CapraRAT via Android apps disguised as a dating service, which has become a common lure theme for delivering the malware. Once downloaded, the malicious app requests several device permissions, some that make sense for YouTube, like, taking photos and videos, and gaining microphone access. Other requested permissions, like, the ability to send, receive, and read SMS messages. 

“These apps mimic the appearance of YouTube, though they are less fully featured than the legitimate native Android YouTube application,” SentinelLabs security researcher Alex Delamotte has said.

Defense Measures against These Spywares

Android users should never install Android applications distributed outside of the Google Play store and should avoid downloading new social media applications advertised in various social media communities. In addition to those people also should evaluate the permissions requested by an application that they download. To make sure that they are safe people should never install a third-party version of an application that’s already present on their device.

New Staff

Recent Posts

Students Cause Ruckus Outside Allu Arjun’s House, Vandalism Leads to Arrests

A group of people claiming to be members of the Osmania University Joint Action Committee…

13 hours ago

IND vs WI: Mandhana and Renuka Shine as India Crushes West Indies in First ODI

IND vs WI: The Harmanpreet Kaur-led Indian Women's Cricket Team has made a great start…

13 hours ago

Stone Pelting at Allu Arjun’s House: Viral Photo Links Attacker to Revanth Reddy

Actor Allu Arjun's troubles are not reduced in the stampede case during the Pushpa-2 screening.…

13 hours ago

India Likely to Face Pakistan on February 23 in Champions Trophy 2025 at Dubai or Colombo

Questions are constantly arising in the mind of every cricket lover about when India and…

2 days ago

BCCI to Announce New Secretary on January 12, Big Name Expected

The Board of Control for Cricket in India is going through a change phase these…

3 days ago

Explosion from chemical tanker: 40 vehicles burnt to ashes in Jaipur highway!

A terrible accident has occurred in Jaipur, the capital of Rajasthan. There has been a…

3 days ago