Researchers at cybersecurity firm SentinelLabs have revealed the spread of fake versions of the YouTube app that pose a threat to users’ security and data integrity.
The researchers spotted at least 3 different versions of YouTube-like apps on Android devices. These are fake applications that differ from the original application and have had malware added to them: a remote access Trojan, known as a RAT.
The fake YouTube apps contain malware called CapraRAT, which can steal all kinds of sensitive data from a user’s device, such as SMS, call logs, GPS data, and more.
It can also access your microphone and camera, record audio and video clips and send them to third parties, take screenshots, bypass system settings, and edit files on the device’s file system.
These apps are used to launch successful campaigns to steal personal data directly, and to design phishing and social engineering attacks.
According to the SentinelLabs report, all of the apps require extensive permissions when installing, which should be a sufficient warning for most people. When run, these apps look more like a web browser than a native app, and they are missing some of the features found in the original YouTube app.
The report states that a group of hackers called APT36 is behind these fake YouTube applications. The group, who claim to be affiliated with the Pakistani government, mainly targets Indian government institutions as well as political activists.
Android users are advised to be careful when downloading applications from outside the official trusted stores, and to be careful when granting permissions to installed applications.