Beware! Behind the face of advancing technology lies a dark underbelly – that of evolving cyber crime. Here, perpetrators continually adapt their strategies, exploiting current events, government websites, and even trusted organizations’ legitimate applications to deceive users. This sophisticated approach involves the use of trusted names and logos to entice individuals into downloading fake apps with malicious intent. As cyber criminals become more adept at social engineering, it becomes imperative for individuals and businesses to remain vigilant against evolving threats. The continuous search for new avenues to target victims and gather sensitive information highlights the importance of proactive protection.
To ensure digital safety and security, Seqrite Labs actively monitors cybersecurity news and forums, staying abreast of the latest trends and threats. This proactive stance is essential for safeguarding our users against the dynamic landscape of cyber threats. In this blog, we will be delving into the anatomy of fake apps, their malicious distribution, and how vigilant brands can defend themselves against the damaging impact of these deceptive digital doppelgängers.
The trend of fake apps is one offshoot of evolving technology, and it shows no signs of receding even though Google took steps to purge 36 counterfeit Android security apps from the Google Play Store in 2018. These impostors, whether on Android or iOS, replicate the appearance and functionality of legitimate applications. Their insidious purpose? To deceive unsuspecting users into unknowingly welcoming them onto their devices. Once installed, these deceptive applications are capable of serious malicious actions, from aggressive ad displays for revenue to the illegal gathering and distribution of users' credentials and sensitive data.
ChatGPT is one of the most rapidly expanding consumer internet apps in history, and has become a force to be reckoned with, captivating a weekly audience of 100 million users as per The Verge. Ever since its unveiling a year ago, ChatGPT has become a game-changer in the AI landscape, enhancing content quality, providing virtual tutoring for education and training, and ensuring swift response times for users. Its 24/7 availability, multilingual support, and personalized interactions contribute to a seamless experience.
With scalability, natural language understanding, and a focus on digital accessibility, ChatGPT is not just a tool; it’s a catalyst for innovation, revolutionizing how we engage with information and assistance. Unfortunately, the simplicity and user-friendly interface of ChatGPT, available around the clock, are exploited by threat actors who distribute Android malware disguised as fake ChatGPT applications with harmful spyware capabilities. Researchers at Quick Heal have identified such deceptive applications, emphasizing the need for heightened awareness and protective measures against these insidious tactics.
Upon analysis, the Fake ChatGPT app requires some risky permissions, as shown in Fig 01:
Fake ChatGPT App: How It Works
When clicking on the application icon to launch, users are redirected to the accessibility page where they are prompted to provide accessibility permission to the fake application.
Once accessibility permission is granted, the application hides its icon and runs in the background.
This app collects location-related data.
Additionally, it monitors incoming calls to the device.
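A static triage of the behaviours listed above, as an added example that is not part of the original post and is not Quick Heal's detection logic: it reads a decoded AndroidManifest.xml and flags an accessibility service combined with location or call-related permissions, a combination a chat app has no reason to request. The permission names are standard Android ones chosen as an assumed mapping (the Fig 01 list is not reproduced on this page), and both sample manifests are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Assumed mapping from the behaviours in the post to standard Android permissions.
LOCATION = {"android.permission.ACCESS_FINE_LOCATION",
            "android.permission.ACCESS_COARSE_LOCATION"}
CALLS = {"android.permission.READ_PHONE_STATE",
         "android.permission.READ_CALL_LOG"}
A11Y_BIND = "android.permission.BIND_ACCESSIBILITY_SERVICE"

# Constructed sample manifests (decoded XML, not taken from any real APK).
SUSPECT_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.fakechat">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <application>
    <service android:name=".Helper"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
  </application>
</manifest>"""
BENIGN_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.chat">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application/>
</manifest>"""

def triage_manifest(manifest_xml):
    """Return a sorted list of capability findings for a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    findings = set()
    if requested & LOCATION:
        findings.add("location")
    if requested & CALLS:
        findings.add("call-monitoring")
    # An accessibility service is declared as a <service> guarded by this permission.
    if any(s.get(ANDROID + "permission") == A11Y_BIND for s in root.iter("service")):
        findings.add("accessibility-service")
    return findings and sorted(findings) or []

def is_suspicious(manifest_xml):
    """Heuristic: accessibility service plus location or call monitoring."""
    found = triage_manifest(manifest_xml)
    return "accessibility-service" in found and len(found) > 1

if __name__ == "__main__":
    for name, xml in (("suspect", SUSPECT_MANIFEST), ("benign", BENIGN_MANIFEST)):
        print(name, triage_manifest(xml), is_suspicious(xml))
```

Icon hiding happens at runtime, so it does not show up in this manifest-only check.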
Quick Heal can detect such malicious applications as variants of “Android.SpyNote.GEN”.
It is recommended that all mobile users install a trusted antivirus such as “Quick Heal Mobile Security for Android” to mitigate such threats and stay protected. Our antivirus software restricts users from downloading malicious applications on their mobile devices.
As depicted above, malicious actors lure users by employing icons resembling those of legitimate applications. These SpyNote applications can cause significant harm to the infected devices. Users should be aware of such ongoing cyber scams when downloading and installing applications from untrusted sources.