Date: 2024-02-01
As modern romance enters the digital age, the cyber espionage group Patchwork, alleged to be Indian state-sponsored, has weaponized the world of online dating. A recent revelation by cybersecurity firm ESET has brought to light a cunning scheme in which Patchwork uses romance scams to infect devices in Pakistan with spying malware through malicious Android apps.
The Infiltration of the App Market
According to ESET, Patchwork has disseminated at least 12 apps such as MeetMe, Let's Chat, Quick Chat, and Rafaqat on Google Play and other platforms. These apps were downloaded over 1,400 times before Google intervened and removed them. While a handful of victims were from Malaysia and India, it's evident that Patchwork had its sights primarily set on Pakistani users.
A Long-standing Threat
The group has been active since December 2015, with a notorious reputation for phishing attacks against Pakistan. The malware used, aptly named VajraSpy, is capable of extracting user data and has been previously deployed against Pakistani military personnel. The apps, mainly posing as messaging platforms, lured victims through legitimate apps and then duped them into using the malicious ones.
Collecting Sensitive Information
The apps harvested sensitive information like contacts, SMS, call logs, and location. One app, Wave Chat, had even more sinister capabilities, such as recording calls and keystrokes, snapping pictures, recording audio, and scanning Wi-Fi networks. ESET has not disclosed the exact targets in Pakistan, but previous Patchwork campaigns have targeted universities, government organizations, and individuals in sectors conducting research.