A hacking group called SpaceCobra has created messaging apps that can easily steal sensitive user information. The nefarious gang behind the app chooses very specific targets.
Researchers at cyber security company ESET (ESET) recently identified two messaging apps, BingeChat and Chetiko, that use the Android-based GravityRAT (GravityRAT) aka Remote Access Trojan.
It is capable of extracting rate call log, contact list, SMS message, device location and files etc. But these two apps also have some capabilities that other Gravity Rate doesn’t and that is that these apps can steal WhatsApp backups and receive commands to delete files.
The way this malware is being promoted makes this campaign even more unique. These apps cannot be downloaded from app stores and never on Google Play Never even uploaded. They can be downloaded only after opening an account from a specific website.
This became a concern for the researchers when they accessed the website to create an account and could not open the account due to registration closure.
This led the researchers to conclude that the group targets very specific individuals, possibly by looking at their location or IP address.
