North Korean Hackers Target Middle East with Malicious Chat Apps

Beware of fake chat apps. North Korean hackers are targeting Middle East users with malware that steals personal data.

Security experts are warning about malicious apps that masquerade as popular chat services and target users in the Middle East. The campaigns, attributed to North Korean hackers, have been active since 2024 and distribute malware that steals sensitive data.

The malware, ProSpy and ToSpy, is spread through fake apps mimicking Signal and ToTok. Signal, a privacy-focused chat app with 70 million users worldwide, is not associated with these malicious activities. ToTok, developed by a UAE company, has faced scrutiny due to surveillance concerns and was removed from official app stores.

The malware exfiltrates SMS messages, contacts, files, and device information. It disguises itself as legitimate apps; the fake Signal Encryption Plugin even masquerades as Google Play Services. Users are advised to download apps only from official sources such as the Google Play Store and Apple App Store to avoid such threats.

The ProSpy and ToSpy campaigns, active since 2024, target Android users in the United Arab Emirates and the region. They distribute malware that steals sensitive data by posing as popular chat apps. Users are urged to be cautious and stick to official app stores for downloads.
