Don't trust these 3 disturbing apps — two of 'em can track your live movements

spyware victim depicted with GPS pointer and giant eye
(Image credit: Getty Images/Malte Mueller)

Cybersecurity firm Cyfirma (haha, how's that for a portmanteau) discovered three suspicious Android apps under the moniker "SecurITY Industry." After doing some deep-dive research, Cyfirma discovered that the folks behind the dubious account are part of a threat group called DoNot. (This gets juicier when you find out that, according to SOCRadar, DoNot is a spy group linked to the Indian government.)

DoNot has been targeting regions such as Norway and South Asia for their own political agenda, but it seems like regular civilians like you and me can easily get caught up in their cyber warfare. After all, DoNot's infected apps were found in the Google Play Store for anyone to download.

Which 3 apps should you watch out for?

Cyfirma discovered that DoNot hosted three apps in the Google Play Store: Device Basics Plus, nSure Chat, and iKHfaa VPN. It's the latter two apps that caught researchers' eye because they have the ability to fetch victims' contact list and track their location.

What raises alarm bells was that iKHfaa VPN and nSure Chat asked for permissions that are irrelevant to the app's operation. For example, after installing iKHfaa VPN, it asks quarries to turn on location and contact permissions, taking advantage of users' tendency to breeze past pop-ups by mindlessly tapping "OK."

iKHfaa VPN

iKHfaa VPN (Image credit: Cyfirma)

"Normally, VPN apps don’t use location and contact permission to make a VPN app work. These are the least required permissions app for VPN apps to perform their job. All these suspicious findings made us dig more," the Cyfirma report said.

nSure Chat

nSure chat (Image credit: Cyfirma)

As it turns out, iKHfaa VPN is a replica of a genuine app called Liberty VPN, but the threat actors injected malicious code to spy on unwitting victims. Not only can iKHfaa VPN pinpoint your exact location, but it can track your phone's live movements. (Even if your GPS is turned off, the spyware will capture your device's last known location.) It can also read and fetch your contact list. Cyfirma claimed that nSure Chat has similar malicious characteristics.

We typically warn our readers about downloading apps from outside the Google Play Store as a safety measure, but even the search engine giant's official app store can be the Wild, Wild West. We suggest downloading an anti-malware mobile app such as Bitfender or Avast Mobile Security to thwart malicious groups like DoNot from infiltrating your device.

Be sure to check out our best antivirus apps page for more options.

Kimberly Gedeon

Kimberly Gedeon, holding a Master's degree in International Journalism, launched her career as a journalist for MadameNoire's business beat in 2013. She loved translating stuffy stories about the economy, personal finance and investing into digestible, easy-to-understand, entertaining stories for young women of color. During her time on the business beat, she discovered her passion for tech as she dove into articles about tech entrepreneurship, the Consumer Electronics Show (CES) and the latest tablets. After eight years of freelancing, dabbling in a myriad of beats, she's finally found a home at Laptop Mag that accepts her as the crypto-addicted, virtual reality-loving, investing-focused, tech-fascinated nerd she is. Woot!