Seniors Discount Club members, pay attention! If you're an Android user who enjoys messaging apps like WhatsApp and Facebook Messenger, we have some disturbing news.

An app called 'SafeChat' was released onto Google Play Store, with tech experts at cybersecurity firm Cyfirma warning that it is malware. Unfortunately, hackers had injected the app with spyware that steals text messages, GPS locations and call logs from users' devices without them ever realising.

Fortunately, the app has been removed from the Google Play Store. However, it could still be on your Android device if you downloaded it in the past.

​

The ‘SafeChat’ malware functions similarly to previously identified ones, but given its elevated permissions to access phone features, it could pose a greater threat than what we're accustomed to.

Once the app is installed, it will remain on your Android device until you delete it manually by heading to your Apps page. Until then, it gathers terrible amounts of data in the background–and you know the worst part? No one would be any the wiser.

Cyber experts at Cyfirma have yet to reveal how the hackers lured people into downloading ‘SafeChat’.

Cyfirma warns users about ‘SafeChat’ that could steal messages, GPS locations and call logs from Android phones. Credit: Nothing Ahead/Pexels

An Indian hacking group known as 'Bahamut' is thought to be responsible for the malicious app, which has been active since 2017, targeting a range of platforms, including iOS, Android and Windows.

In 2022, the group was implicated in utilising deceptive VPN (virtual private network) applications for Android devices. According to researchers from ESET, another online security firm, these apps were designed to collect sensitive user information and surreptitiously monitor popular messaging platforms like WhatsApp, Facebook Messenger, Signal, Viber, and Telegram. They found at least eight versions of the Bahamut spyware, which, they said, could mean the campaign is well-maintained.

It's worth noting that the hackers initially targeted phones, specifically in South Asia. Still, the app could have been downloaded anywhere else, so we recommend you take extra caution.

Safety first is always our motto here at SDC, so it's so crucial that you're very aware of what applications you're downloading from the Play Store. And if you feel like you may be a victim of this malware, we highly advise you to delete the app immediately.

Key Takeaways

• Experts at cybersecurity firm Cyfirma have warned against malware attacking Google Play Store through malicious apps that deceive Android users and steal their private text information.
  
• The app, ironically named SafeChat, is believed to have been injected with spyware by an Indian hacking group known as 'Bahamut', which steals texts, call logs, and phone GPS locations.
  
• Although the app has now been removed from the Play Store, it will remain on any Android device it was previously downloaded. Users are advised to delete the app manually.
  
• The hackers are targeting phones specifically in South Asia. Still, the app could have also been downloaded worldwide, including in Australia, posing a risk to more Android users.
  
• Bahamut was implicated in utilising deceptive VPN applications for Android devices last year.
  

When in doubt, take the time to research the app in question–check out reviews to see what other users say about it, and head to trusted sources like Google for more information.

Have you come across this app, dear members? Share your experience in the comments below.

 

[Rob44]

Just throw away that mobile phone, you don't need it. Use a landline and pay phone bills by cheque.

 

[margie_j_p_@hotmail.]

Seniors Discount Club members, pay attention! If you're an Android user who enjoys messaging apps like WhatsApp and Facebook Messenger, we have some disturbing news.

An app called 'SafeChat' was released onto Google Play Store, with tech experts at cybersecurity firm Cyfirma warning that it is malware. Unfortunately, hackers had injected the app with spyware that steals text messages, GPS locations and call logs from users' devices without them ever realising.

Fortunately, the app has been removed from the Google Play Store. However, it could still be on your Android device if you downloaded it in the past.

​

The ‘SafeChat’ malware functions similarly to previously identified ones, but given its elevated permissions to access phone features, it could pose a greater threat than what we're accustomed to.

Once the app is installed, it will remain on your Android device until you delete it manually by heading to your Apps page. Until then, it gathers terrible amounts of data in the background–and you know the worst part? No one would be any the wiser.

Cyber experts at Cyfirma have yet to reveal how the hackers lured people into downloading ‘SafeChat’.

View attachment 26847

Cyfirma warns users about ‘SafeChat’ that could steal messages, GPS locations and call logs from Android phones. Credit: Nothing Ahead/Pexels

An Indian hacking group known as 'Bahamut' is thought to be responsible for the malicious app, which has been active since 2017, targeting a range of platforms, including iOS, Android and Windows.

In 2022, the group was implicated in utilising deceptive VPN (virtual private network) applications for Android devices. According to researchers from ESET, another online security firm, these apps were designed to collect sensitive user information and surreptitiously monitor popular messaging platforms like WhatsApp, Facebook Messenger, Signal, Viber, and Telegram. They found at least eight versions of the Bahamut spyware, which, they said, could mean the campaign is well-maintained.

It's worth noting that the hackers initially targeted phones, specifically in South Asia. Still, the app could have been downloaded anywhere else, so we recommend you take extra caution.

Safety first is always our motto here at SDC, so it's so crucial that you're very aware of what applications you're downloading from the Play Store. And if you feel like you may be a victim of this malware, we highly advise you to delete the app immediately.

Key Takeaways

• Experts at cybersecurity firm Cyfirma have warned against malware attacking Google Play Store through malicious apps that deceive Android users and steal their private text information.
• The app, ironically named SafeChat, is believed to have been injected with spyware by an Indian hacking group known as 'Bahamut', which steals texts, call logs, and phone GPS locations.
• Although the app has now been removed from the Play Store, it will remain on any Android device it was previously downloaded. Users are advised to delete the app manually.
• The hackers are targeting phones specifically in South Asia. Still, the app could have also been downloaded worldwide, including in Australia, posing a risk to more Android users.
• Bahamut was implicated in utilising deceptive VPN applications for Android devices last year.

When in doubt, take the time to research the app in question–check out reviews to see what other users say about it, and head to trusted sources like Google for more information.

Have you come across this app, dear members? Share your experience in the comments below.

whats the app look like

 

[Petra]

whats the app look like

 

[Petra]

Just throw away that mobile phone, you don't need it. Use a landline and pay phone bills by cheque.

And don't forget to put all your $'s under your matress, no banks, no fees, no scammers because you don't have a bank account, no cards, just cash, like our parents did. Take your car or public transport to go pay your bills etc. Call your children and grandchildren who live far or overseas, on your home telephone. Take photos and post them to your loved ones at the post office, yeah those were the days.

 

[Pat T]

Remember the song “ Those were the days my friend we thought they’d never end” ? How naive were we!

 

[Penny4]

These days customers are wary of online banking, plus mobile apps.
I remember the days when paying with a cheque. This involved personal cheques, plus paying bills when I worked for businesses.
Cheques are a piece of paper, which can be lost, dishonest people can change the amount with a pen. Plus, days of waiting time to clear with the bank, in order to check if there are enough funds in the account. I remember it happening.
Just last week, my elderly male relative told me that he was informed he can't pay his car service by cheque anymore. This is a Toyota dealership, who is stopping payment by cheques. I'd say they have had shifty bouncing cheques by customers. My relative is very angry about this, as he has always paid by cheque and why should it change! I think he doesn't know how to use Eftpos, but I didn't want to mention it.

 

[Barbara V]

I don't use any of these always wary of new or weird apps.

 

[Penny4]

I don't use any of these always wary of new or weird apps.

Yes, some are dubious.

 

[IAN3005]

Just throw away that mobile phone, you don't need it. Use a landline and pay phone bills by cheque.

If you can get a cheque book.....