Skip to main content

If you have one of these apps on your Android phone, delete it immediately

The app drawer on the Google Pixel 8 Pro.
Joe Maring / Digital Trends

The NSO Group raised security alarms this week, and once again, it’s the devastatingly powerful Pegasus malware that was deployed in Jordan to spy on journalists and activists. While that’s a high-profile case that entailed Apple filing a lawsuit against NSO Group, there’s a whole world of seemingly innocuous Android apps that are harvesting sensitive data from an average person’s phone.

The security experts at ESET have spotted at least 12 Android apps, most of which are disguised as chat apps, that actually plant a Trojan on the phone and then steal details such as call logs and messages, remotely gain control of the camera, and even extract chat details from end-to-end encrypted platforms such as WhatsApp.

The apps in question are YohooTalk, TikTalk, Privee Talk, MeetMe, Nidus, GlowChat, Let’s Chat, Quick Chat, Rafaqat, Chit Chat, Hello Chat, and Wave Chat. Needless to say, if you have any of these apps installed on your devices, delete them immediately.

Notably, six of these apps were available on the Google Play Store, raising the risk stakes as users flock here, putting their faith in the security protocols put in place by Google. A remote access trojan (RAT) named Vajra Spy is at the center of these app’s espionage activities.

A chat app doing serious damage

A phone spying on a person.
Dall.E-3 / Digital Trends

“It steals contacts, files, call logs, and SMS messages, but some of its implementations can even extract WhatsApp and Signal messages, record phone calls, and take pictures with the camera,” says the ESET finding report.

Notably, this won’t be the first time that Vajra Spy has raised alarm. In 2022, Broadcom also listed it as a Remote Access Trojan (RAT) variant that leverages Google Cloud Storage to gather data pilfered from Android users. This malware has been linked to the threat group APT-Q-43, which is known to target members of the Pakistani military establishment specifically.

VajraSpy’s apparent objective is to harvest information from the infected device and capture the user’s data, such as text messages, WhatsApp and Signal conversations, and call histories, among other things. These apps, most of which disguised themselves as chat apps, employed romance-aligned social engineering attacks to lure the targets.

This is a recurring theme, especially given the target of the apps. In  2023, Scroll reported on how spies from across the border are using honey traps to lure Indian scientists and military personnel to extract sensitive information using a mix of romance and blackmailing efforts. Even the FBI has issued an alert about digital romance scams, while a White House staffer lost over half a million dollars in one such trap.

Security warning illustration on a phone.
Dall.E-3 / Digital Trends

In the most recent case of VajraSpy deployment, the apps were able to extract contact details, messages, a list of installed apps, call logs, and local files in different formats such as .pdf, .doc, .jpeg, .mp3, and more. Those with advanced functionalities mandated using a phone number, but in doing so, they could also intercept messages on secure platforms such as WhatsApp and Signal.

Aside from logging the text exchange in real-time, these apps could intercept notifications, record phone calls, log keystrokes, take pictures with the camera without the victim knowing about it, and take over the mic to record audio. Once again, the latter is not surprising.

We recently reported on how bad actors are abusing push notifications on phones and selling the data to government agencies, while security experts told Digital Trends that the only fool-proof way to stop this is to disable notification access for apps.

Nadeem Sarwar
Nadeem is a tech journalist who started reading about cool smartphone tech out of curiosity and soon started writing…
This TCL phone has a screen unlike any I’ve used before
TCL 50 XE NxtPaper phone held in hand.

My black iPhone 16 Pro Max feels comfortable in my hand. It is arguably the best smartphone currently available, with all the features one could want in a mobile device in late 2024. However, not everyone desires a phone that can do everything. I've found a great option for individuals prioritizing an Android phone with 5G capabilities, long battery life, an easy-on-the-eye display, and nearly unlimited storage. Surprisingly, this option doesn't come from Samsung or Google.

In 2021, TCL revealed Nxtpaper technology, which offers a paper-like display experience for handsets and tablets. We highlighted Nxtpaper when it was announced and have since examined some of its products, such as the Nxtpaper 12 Pro and, most recently, the TCL Nxtpaper 11. Based on all this chatter, I wanted to learn more about it and get my hands on one of the devices.
A quick overview of the TCL 50 XE Nxtpaper 5G

Read more
The Galaxy S25 Ultra may have another edge over the iPhone 16 Pro Max
The Desert Titanium iPhone 16 Pro.

The Samsung Galaxy S25 Ultra is not likely to be revealed until early next year. However, that hasn't stopped a flood of rumors from circulating in recent months. The latest one comes from someone familiar, Ice Universe.

According to the leaker, the Galaxy S25 Ultra has bested Apple's recently released iPhone 16 Pro Max in terms of benchmarks. A result shared with Ice Universe showed that the phone achieved a single-core score of 3,011 and a multi-core result of 9,706. By contrast, its predecessor, the Galaxy S24 Ultra, has an average single-core score of 2,142 and an average multi-core score of 6,693. These are both significant jumps from one generation to the next.

Read more
The Xiaomi 14T Pro is a cool (but confusing) new Android phone
The back of the Xiaomi 14T Pro.

Xiaomi’s T-series smartphones are always quite confusing, as you may expect them to be a straight mid-generation upgrade over the older non-T series phone. However, this is not always so, and the Xiaomi 14T Pro proves it.

The design has undergone some changes compared to the Xiaomi 14 Pro, with the camera module on the back taking on a more iPhone-like style. The flattened aluminum chassis gives a similar in-hand feel to recent iPhone models, too. It can’t hide its 209-gram weight or the 8.3mm thickness, making it a very substantial phone. It does feel high-quality and suitably durable, plus the 14T Pro has an IP68 dust and water resistance rating.

Read more