Fake apps that provide YouTube Premium features for free could be a nuisance for users. According to a new security report, a Pakistani state-affiliated hacking group known as APT36 has begun distributing malicious YouTube-like Android apps to attack targets.
Malicious Android apps similar to YouTube found
Cybersecurity firm SentinelLabs has discovered three fake YouTube apps in recent months. Designed to mimic the YouTube interface, these apps reportedly deployed a remote access trojan called CapraRAT once installed on the device.
The malware is said to be capable of recording audio and video, accessing SMS messages, call logs and contacts, making phone calls and taking screenshots. This means that the seized device can be turned into a spying tool.
Researchers believe that the attack was carried out by Pakistan-based APT36. Although the group’s main target is users in the Asian market, it is said to be able to attack government and military officials.
Experts say that imitating a popular app like YouTube is crucial in tricking users. Once installed, the malware requests permissions that the YouTube app would not need.
In the wake of the fake YouTube attacks, let us emphasize once again that you should not use unofficial app stores. We also recommend that you double-check the permissions that apps ask for from the device and also run a Play Protect scan.
So what do you think about this issue? Please do not forget to share your thoughts with us in the comments.
{{user}} {{datetime}}
{{text}}