Safechat Android App: Cybersecurity Organization, Cyfirma has recently explored a stressful development about hackers using a Malicious Android Application ‘Safechat’ to steal whatsapp users data from tageted people in the region, whcih also includes India. A massive malicious payload is pushed through WhatsApp Chat which makes it a potent threat for Unsuspecting users. After a deep technical Analyses, Cyfirma came to a conclusion that Advance Persistent Threat (APT) group Bahamut is the perpetrator behind this malicious attack, as per IANS.
The malicious nature of the Attack, coupled with past incidents which includes APT Bahamut, observing the equation, it seems like that it may have been deployed to serve the interests of a particular Nation-state Government.
Prior Incidents demonstrates that APT Bahamut has targeted khalistani Supporter, who had the agenda of making a seprated nation which aims to pose a significant threat to India. Futher, this group was also inddulged in aiming military establishments in Pakistan and Individuals in Kashmir, all of which are aligned with the interest of specific nation-state government.
Spyware With Increased Threat Capabilities
The Android Application Spyware used in this malicious attack is suspected as a version of “Coverlm” which is specially architectured to steal the data from various commumnication apps which includes- Telegram, Signal, WhatsApp, Viber and Facebook Messenger. This version of APT Bahamut exhibits more permissions and pose a higher level of threat than the previous Notorious APT Group known as ‘DoNot’.
Misleading App Interface
The Android Application ‘Safechat’ appears on the primary menu when you install it, presenting a fake sense of authenticity. When users open the App, users are notofied that it is a secure chatting App, which makes its image as a legitimate platform. But, ultimately the aims of the hackers get very clear, when this App asks for excessive permission and starts the data extraction process.
Concluding their extensive research on APT Bahamut Group, Cyfirma team strongly suggests that the APT Group operates within Indian Territory.
Keep watching our YouTube Channel ‘DNP INDIA’. Also, please subscribe and follow us on FACEBOOK