Soumya Prakash Pradhan

Google Play, a popular app store for Android users globally, has faced increasing risks from cybercriminals who aim to distribute malware.

Researchers have discovered infected apps on Google Play, posing a serious threat to users' device security and potentially enabling other cyber attacks.

Identifying Malicious Apps on Google Play

CYFIRMA, a well-known cybersecurity company, has alerted Android users about two specific apps on Google Play: nSure Chat and iKHfaa VPN.

These apps, developed by "SecurITY Industry," have been found to contain spyware.

The spyware's objective is to secretly collect sensitive information from users' devices.

What is more concerning is that state-sponsored hackers are using these apps to gather intelligence from targeted devices.

The stolen information includes location data and contact lists, posing a significant privacy risk to users.


CYFIRMA's report reveals that the infected apps can be attributed to a well-known hacking group called "DoNot."

This state-sponsored group has been carrying out targeted attacks on prominent organisations in Southeast Asia since 2018.

The report emphasises that these malicious apps are connected to the group's Android payload, which has previously targeted individuals in the Kashmir region.

While the exact motive behind their cyber activities in the South Asian region is uncertain, it is evident that they pose a significant threat to the security and privacy of users.

How Spyware Apps Steal User Data

The report provides insights into how these malicious apps operate.

During installation, they ask for sensitive permissions from users, such as access to contacts and precise location.

Once granted, these apps covertly gather the requested data and send it to the hackers.

This highlights the significance of being vigilant when granting permissions to any app, as unnecessary or suspicious requests can result in data breaches and privacy infringements. 

Protecting Yourself from Spyware

  1. Be cautious of suspicious apps and links.
  2. Install and update a trusted antivirus program.
  3. Stick to official app stores and check permissions.
  4. Keep your device and apps updated.
  5. Evaluate and limit app permissions.
  6. Activate firewall protection for added security.