Major Risks from Malicious Android Apps in 2025
In today’s digital world, where smartphones have become an extension of our daily lives, mobile app threats are multiplying, especially on Android. ESET, a company renowned for its cybersecurity expertise, recently identified a group of a dozen Android apps containing a particularly dangerous malware known as the VajraSpy Trojan. These apps, still available on the Google Play Store, pose a major risk to user security and privacy.
This malware doesn’t just collect innocuous data; it penetrates deep into the system, harvesting contacts, SMS messages, call logs, and even the geolocation data of infected devices. This invasive behavior transforms smartphones into veritable spying tools, jeopardizing user privacy. This danger is exacerbated by the sophisticated infection method employed: victims are initially contacted via popular communication platforms like Facebook Messenger or WhatsApp by individuals claiming to be seeking a romantic relationship.
This social approach prompts users to then download another, supposedly more secure, messaging application to continue their conversations. However, these are precisely the malicious applications identified by ESET. Behind this strategy lies a vast, targeted campaign designed to deceive users, exploit their personal data, and create serious privacy issues.
For example, in one of the applications, even if the user does not complete the registration process, the malware runs in the background, stealing sensitive information without the victim noticing. This method indicates a worrying sophistication and underlines the importance of increased vigilance.
Discover the list of Android apps to uninstall urgently to protect your privacy, improve your phone’s performance and avoid security risks.
Decrypting how malicious applications work: a multifaceted threat
The group of applications in question falls into three distinct categories, each haunted by a different modus operandi linked to the VajraSpy Trojan. In the first group, these are mainly messaging apps that prompt users to enter their full contact details, including their phone number. This collection phase allows the malware to activate discreetly in the background. It exploits access to steal contact lists, SMS messages, GPS location, as well as call logs and the inventory of applications installed on the phone.
This data collection creates a veritable personal database without the user’s knowledge, which will later be exploited for malicious purposes such as phishing, identity theft, or the distribution of targeted and unwanted advertising. For example, a victim might suddenly receive suspicious messages or be targeted by fraudulent campaigns based on their closest contacts.
The second group comprises much more insidious applications that exploit Android’s accessibility features to intercept communications in real time on secure platforms like WhatsApp and Signal. These features, intended to facilitate accessibility for users with disabilities, become a tool for espionage. The malware can thus monitor private conversations and notifications, shattering any notion of privacy the user might have.
This eavesdropping and intrusion capability demonstrates how a tool that was originally intended to be benevolent can be perverted by malicious actors to steal users’ trust. The risk is all the greater because these applications are available on Google Play, which is supposed to be a secure platform for Android.
Finally, the third category consists of a single application that occupies a unique position: it provides a news service and requests a phone number for login. Under the guise of a legitimate service, it carries out stealthy data collection, intercepting contacts and stealing certain files, thus compromising the security of users’ personal and professional information.
To protect yourself effectively, relying solely on Play Protect is no longer sufficient, even though this Google-provided feature strengthens the native defense against threats. It is recommended to use complementary solutions such as Avast, Kaspersky, or Sophos, which have advanced mechanisms for detecting and blocking these threats.
12 Android apps to remove now: identification and danger
Faced with this threat, it is crucial that every Android user can recognize risky apps. The list compiled by ESET includes twelve app names that, despite their apparent legitimacy on the Play Store, must be uninstalled immediately to prevent any intrusion.
Among these names are Rafaqat, Privee Talk, MeetMe, Let’s Chat, Quick Chat, Chit Chat, YohooTalk, TikTalk, Hello Cha, Nidus, GlowChat, and Wave Chat. These apps have been involved in malicious activities, accumulating over 1,400 downloads between them before their gradual removal by Google. Despite this removal, the risk remains for phones that are still infected.
A real-life situation encountered by a user illustrates how easy it is to fall into the trap: lured into a friendly conversation on WhatsApp, he is offered a “safer” application to continue the exchange. This trust comes at a high price, as the application actually installs spyware in the background, collecting his personal data.
In a context where professional and personal mobility are heavily dependent on digital tools, the compromise of a device represents a major vulnerability for both individuals and businesses. Thus, an infected smartphone can potentially allow hackers to access sensitive information, or even compromise the security of an entire network.
Therefore, in addition to uninstalling these applications, it is advisable for each user to regularly review the permissions granted to their applications and to use reputable antivirus software such as Dr.Web, Trend Micro, or Lookout. These solutions allow for in-depth diagnostics and replication of protection—essential resources against this type of attack.
How to strengthen the security of your Android smartphone against these types of threatsThe threat posed by these twelve applications also prompts reflection on how each user can and should protect their smartphone on a daily basis. First, it is essential to carefully choose the applications you install. To do this, vigilance must be exercised on several points: user reviews, the number of downloads, the permissions requested, and, above all, the source. The Google Play Store attempts to impose strict rules and offers tools like Play Protect to automatically analyze applications, but this system is not infallible. Economic realities sometimes push malicious developers to circumvent these filters with applications that appear legitimate. In addition, compatibility with security solutions like McAfee and Bitdefender provides an extra layer of defense, capturing threats that Google Play Protect might miss.
Besides choosing the right apps, it’s crucial to properly configure the permissions of already installed apps. For example, a game app shouldn’t have access to contacts or GPS location. Keeping your operating system up to date is also essential, as security patches are regularly released to address vulnerabilities.
Finally, using a secure network and avoiding unprotected public Wi-Fi connections are essential measures. These practices reduce the risk of infection from unsecured data transfers. These precautions, when combined with constant vigilance, help protect against attacks similar to those carried out by the aforementioned applications.
For those who wish to delve deeper into the subject, a detailed exploration of the risks associated with Android applications can be found on
this specialized website
, offering practical advice for effective protection.