Could your messaging app of choice have been authored by a threat actor known as Virtual Invaders? As described by ESET researchers this week, this is what happened to the victims of an ongoing and targeted Android espionage campaign called eXotic Visit that began in late 2021 and pose as messaging services. The malicious apps – which were distributed through dedicated websites and even Google Play – masqueraded as messaging services, but came bundled with the XploitSPY malware. The campaign appears to have targeted people mainly in Pakistan and India.
To learn more, watch the video and make sure to read the full blogpost.