WhatsApp users must delete two rogue Android apps NOW before they steal your private chats

ANDROID owners are being urged to check their phones for two rogue apps which can steal your WhatsApp conversations.

A recent investigation by internet security firm ESET revealed that a new version of spyware known as GravityRAT was being distributed on Android phones – using two messaging apps as a cyber-trojan-horse.

GravityRAT is a remote access tool which essentially grants hackers full control over a device from a remote location


GravityRAT is a remote access tool which essentially grants hackers full control over a device from a remote locationCredit: Getty – Contributor

The malicious messaging apps are called BingeChat and Chatico, and have been available to download online – but not via the official Google Play Store.

The pair present as a free messaging and file sharing service.

But their real purpose is much more sinister.

These apps have been injected with malware that can delete and steal vast amounts of data, including WhatsApp backup files, SMS messages, contact lists, device location, as well as photos and documents files.

Millions of Android owners warned of 22 bank-raiding 'stalkerware' phone apps
Android users issued Google warning to block 'creeps' viewing your locations

GravityRAT is a remote access tool, which had previously been used in targeted cyber attacks in India, but essentially grants hackers full control over a device from a remote location.

The malware strain has been active since at least 2015, Bleeping Computer points out, but has only grown popular among Android-targeting hacking groups since 2020.

In a statement, ESET researcher Lukáš Štefanko, who investigated the malicious apps, said: “We found a website that should provide the malicious app after tapping the DOWNLOAD APP button; however, it requires visitors to log in.

“We didn’t have credentials, and registrations were closed.

Most read in Phones & Gadgets

“It is most probable that the operators only open registration when they expect a specific victim to visit, possibly with a particular IP address, geolocation, custom URL, or within a specific timeframe

“Although we couldn’t download the BingeChat app via the website, we were able to find a distribution URL on VirusTotal.”

The cyber crook behind this particular campaign remains unknown, according to ESET.

Although one silver living for the average Android user is that this malicious campaign “is very likely highly targeted” to specific individuals of interest, ESET said in its report.

So, it’s unlikely that your average WhatsApp-using joe will be of interest to this hacker.

However, if you do have this app on any of your devices – it’s best to delete it immediately.

Best Phone and Gadget tips and hacks

Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…

We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]