Cybersecurity researchers at Zimperium’s zLabs have identified a new and fast-spreading Android spyware known as ClayRat. This spyware is actively targeting Android users, primarily those in Russia, by disguising itself as trusted applications like WhatsApp, Google Photos, TikTok, and YouTube.
Thanks for sharing this, Brownie2019. It's always concerning to see new spyware variants popping up, especially ones like ClayRat that mimic legitimate apps to slip past users. From what I've seen in similar reports, these threats often rely on sideloading or third-party app stores, so sticking to official sources like the Google Play Store is a solid first line of defense.
For anyone reading this, here are a few quick tips to avoid falling victim:
Only download apps from trusted sources—avoid APK files from unknown websites.
Keep your Android device updated with the latest security patches.
Use a reputable mobile security app that scans for malware in real-time.
Be wary of apps requesting excessive permissions, like access to your contacts or SMS without a clear reason.
If you've encountered something suspicious, feel free to share more details here for community advice. Stay safe out there!
Distributed through Telegram channels and phishing sites, ClayRat masquerades as popular apps such as WhatsApp, Google Photos, TikTok, and YouTube to lure victims into installation.
Once active, the spyware can exfiltrate SMS messages, call logs, notifications, and device information; take photos with the front camera; and even send SMS messages or place calls directly from the victim’s device. ClayRat also spreads aggressively by sending malicious links to every contact in the victim’s phone book, effectively turning each infected device into a distribution hub.
More than 600 samples and 50 droppers have been observed in the past three months alone, with each iteration adding new layers of obfuscation and packing to evade detection.
ClayRat poses a serious threat not only because of its extensive surveillance capabilities, but also because of its abuse of Android’s default SMS handler role. This technique allows it to bypass standard runtime permission prompts and gain access to sensitive data without raising alarms.
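A practical check for anyone triaging a sideloaded APK: Android only offers an app the default SMS handler role if its manifest declares a fixed set of components (an SMS_DELIVER receiver guarded by BROADCAST_SMS, a WAP_PUSH_DELIVER receiver guarded by BROADCAST_WAP_PUSH, a SENDTO activity for the sms/smsto/mms/mmsto schemes, and a RESPOND_VIA_MESSAGE service guarded by SEND_RESPOND_VIA_MESSAGE). A "WhatsApp" or "YouTube" build that declares all four has no legitimate reason to. The script below is an added example for this thread, not code from Zimperium's report or from the ClayRat samples; it parses a decoded AndroidManifest.xml (as produced by apktool or aapt) and reports whether the app is eligible for the role. Both manifests embedded in it are constructed for illustration, the brand list is an assumption, and `triage`/`sms_role_components` are names chosen here.

```python
"""Triage a decoded AndroidManifest.xml for default-SMS-handler eligibility.

Added example, not part of the original thread or of any real sample.
"""
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # prefix for android:* attributes
SMS_SCHEMES = {"sms", "smsto", "mms", "mmsto"}

# Components Android requires before it will offer an app the default SMS role:
# (manifest tag, intent action, permission the component must be protected by, data schemes)
SMS_ROLE_REQUIREMENTS = {
    "sms_deliver_receiver": ("receiver", "android.provider.Telephony.SMS_DELIVER",
                             "android.permission.BROADCAST_SMS", set()),
    "wap_push_receiver": ("receiver", "android.provider.Telephony.WAP_PUSH_DELIVER",
                          "android.permission.BROADCAST_WAP_PUSH", set()),
    "sendto_activity": ("activity", "android.intent.action.SENDTO", None, SMS_SCHEMES),
    "respond_via_message_service": ("service", "android.intent.action.RESPOND_VIA_MESSAGE",
                                    "android.permission.SEND_RESPOND_VIA_MESSAGE", SMS_SCHEMES),
}

# Assumption: brands the thread says ClayRat imitates, none of which is an SMS client.
IMPERSONATED_LABELS = ("whatsapp", "google photos", "tiktok", "youtube")

# Permissions that line up with the capabilities described in the thread.
CAPABILITY_PERMISSIONS = {
    "android.permission.READ_CONTACTS": "contact harvesting / self-propagation",
    "android.permission.CAMERA": "front-camera capture",
    "android.permission.CALL_PHONE": "placing calls",
    "android.permission.READ_CALL_LOG": "call-log exfiltration",
}


def _component_matches(comp, action, permission, schemes):
    """True if this component carries the required permission, action and data schemes."""
    if permission and comp.get(A + "permission") != permission:
        return False
    for f in comp.findall("intent-filter"):
        actions = {a.get(A + "name") for a in f.findall("action")}
        declared_schemes = {d.get(A + "scheme") for d in f.findall("data")}
        if action in actions and schemes <= declared_schemes:
            return True
    return False


def sms_role_components(manifest_xml):
    """Map each required component to whether the manifest declares it."""
    app = ET.fromstring(manifest_xml).find("application")
    result = {}
    for key, (tag, action, perm, schemes) in SMS_ROLE_REQUIREMENTS.items():
        comps = app.findall(tag) if app is not None else []
        result[key] = any(_component_matches(c, action, perm, schemes) for c in comps)
    return result


def triage(manifest_xml):
    """Return a small report: role eligibility, notable permissions and findings."""
    root = ET.fromstring(manifest_xml)
    app = root.find("application")
    label = (app.get(A + "label") if app is not None else None) or ""
    perms = {p.get(A + "name") for p in root.findall("uses-permission")}
    components = sms_role_components(manifest_xml)
    eligible = all(components.values())
    findings = []
    if eligible:
        findings.append("declares every component needed to request the default SMS role")
        if any(b in label.lower() for b in IMPERSONATED_LABELS):
            findings.append("app label impersonates a brand that is not an SMS client")
    notable = {p: CAPABILITY_PERMISSIONS[p] for p in perms if p in CAPABILITY_PERMISSIONS}
    return {"package": root.get("package"), "label": label, "sms_role_eligible": eligible,
            "components": components, "notable_permissions": notable, "findings": findings}


# Constructed manifest of a lookalike app that would qualify for the SMS role.
SUSPECT_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.whatsapp">
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <application android:label="WhatsApp">
    <receiver android:name=".SmsReceiver" android:permission="android.permission.BROADCAST_SMS">
      <intent-filter><action android:name="android.provider.Telephony.SMS_DELIVER"/></intent-filter>
    </receiver>
    <receiver android:name=".MmsReceiver" android:permission="android.permission.BROADCAST_WAP_PUSH">
      <intent-filter>
        <action android:name="android.provider.Telephony.WAP_PUSH_DELIVER"/>
        <data android:mimeType="application/vnd.wap.mms-message"/>
      </intent-filter>
    </receiver>
    <activity android:name=".ComposeActivity">
      <intent-filter>
        <action android:name="android.intent.action.SENDTO"/>
        <data android:scheme="sms"/><data android:scheme="smsto"/>
        <data android:scheme="mms"/><data android:scheme="mmsto"/>
      </intent-filter>
    </activity>
    <service android:name=".HeadlessSmsSendService"
        android:permission="android.permission.SEND_RESPOND_VIA_MESSAGE" android:exported="true">
      <intent-filter>
        <action android:name="android.intent.action.RESPOND_VIA_MESSAGE"/>
        <data android:scheme="sms"/><data android:scheme="smsto"/>
        <data android:scheme="mms"/><data android:scheme="mmsto"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

# Constructed manifest of an ordinary app with no SMS components.
BENIGN_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Notes">
    <activity android:name=".MainActivity">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
  </application>
</manifest>"""

if __name__ == "__main__":
    for m in (SUSPECT_MANIFEST, BENIGN_MANIFEST):
        print(triage(m))
```

Eligibility in the manifest is only half the picture: the role is handed over when the user accepts the system prompt that a call to RoleManager's request intent raises, and it is the role grant that carries the SMS permissions with it instead of separate runtime prompts. To see which package actually holds the role on a device, follow up with `adb shell settings get secure sms_default_application` (or `adb shell dumpsys role` on Android 10 and later) and compare it against the packages you triaged.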