Home Cyber Security Vietnamese hackers found to be running espionage campaign from Google Play Store

Vietnamese hackers found to be running espionage campaign from Google Play Store

Vietnam hackers
Vietnam hackers

It is a fact that Google Play Store has been home to a lot of abuses in the past and despite all the efforts made by Google, there are still tons of apps on the store that are found to be either adware, malware, spyware or running a dubious campaign. Now, the simple reason behind this is the process of accepting these apps to the Play Store and we believe that stricter regulations need to be implemented. Talking about Google Play Store, it is found out that a new campaign has been found to be running on the platform.

This time, the culprits are said to be the Vietnamese hackers who were running an espionage campaign on the Android default store. It is also said in the report that these hackers were distributing malicious software from the last four years on Google Play Store. These hackers are also suspected to be having links to the Vietnamese government as per the report.

As per Kaspersky who revealed about this campaign, it affected roughly 300 devices in nearly a dozen countries including Vietnam, India, Bangladesh, Indonesia, Iran, Algeria, South Africa, Nepal, Myanmar, and Malaysia. This targeted Android campaign which has been named as “PhantomLance” by Kaspersky is linked to a known hacking group from Vietnam as well.

It is also revealed that these hackers are running local as well as international espionage campaign. For the domestic market, the hackers are distributing their campaign through applications which promise to help users locate the nearest pub in Vietnam, or providing information on nearby churches.

Also, these hackers developed “multiple versions of their malware, likely in order to bypass Google marketplace filters” as per the report which is the reason why Google was not able to remove these apps from their market. It is known that the apps would not have malware when they were up for approval but this malware would be added later.