Beware Android Users: This Chat App Can Spy on You and Steal Personal Information

Researchers at ESET warned the Android users about the malicious app that can steal personal information

Android smartphones are being used around the world by millions of people and are pretty much the most popular handheld devices in current times. The user interface of Android phones is very much preferred by many people around the world. But according to a new report, there are certain apps one should be aware of before installing them in their device.

Researchers from ESET have warned about a dangerous and malicious chatting app, which can spy on the user and even steal personal data. The app, named Welcome Chat contains dangerous malware called BadPatch. The app is also promoted on a malicious website that claims it is a secure chat platform. Lukas Stefanko, a researcher with ESET stated, "In regard to the 'secure' claim, nothing is further from the truth."

Malicious Chatting App

Android phone
Picture for representation. Pixabay

"Not only is Welcome Chat an espionage tool; on top of that, its operators left the data harvested from their victims freely available on the internet. And the app was never available on the official Android app store," he added as reported by the Mirror.

If a user downloads the app, he or she will be asked to give permissions such as to send and view text messages, access files, record audio, and also access device location and contacts. Stefanko mentioned, "Such an extensive list of intrusive permissions might normally make the victims suspicious – but with a messaging app, it's natural they are needed for the app to deliver the promised functionality."

If the user gives permission, the app is allowed to do a number of malicious actions that include reading private text messages, viewing photos, and accessing contact lists. The researchers urged the users not to download any app from outside the Play Store.

"On top of that, users should pay attention to what permissions their apps require and be suspicious of any apps that require permissions beyond their functionality – and, as a very basic security measure, run a reputable security app on their mobile devices," Stefanko added.