Beware! Dangerous Apps Found on Google Play Store Stealing Personal and Bank Data

The Government of Pakistan’s Cabinet Division has issued a critical cybersecurity advisory, warning users against dangerous spyware and banking trojans discovered on the Google Play Store. The advisory, marked “Priority,” highlights a growing threat to user privacy and financial security due to malicious apps posing as utility tools.

According to the Cabinet Division’s Advisory No. 09/2025, Google recently removed several harmful applications from the Play Store. These included apps linked to two major threats, the KoSpy spyware and the Anatsa (TeaBot) banking trojan. These apps were disguised as file managers, smart utility tools, and software update services, making them hard to detect.

KoSpy Spyware: A North Korean Threat

The advisory reveals that KoSpy has been linked to North Korean cyber groups APT-37 (ScarCruft) and APT-43 (Kimsuky). Once installed, KoSpy can access a wide range of sensitive user data. This includes SMS messages, call logs, audio recordings, screenshots, and real-time location data. The spyware was distributed through apps like Phone Manager, Smart Manager, Kakao Security, and Software Update Utility.

TeaBot Trojan Targets Your Bank Info

The Anatsa (TeaBot) malware, on the other hand, is a dangerous banking trojan. Disguised as a file manager or document reader, it targets banking apps to steal credentials and financial details. The advisory reveals it has already been downloaded over 220,000 times, showing the scale of the threat.

Official Recommendations

To safeguard against such cyber threats, the Cabinet Division has issued clear guidelines:

• Immediately remove any identified malicious apps from devices.
• Download apps only from trusted sources and verify their authenticity.
• Avoid apps that request excessive permissions or come from unknown developers.
• Enable Google Play Protect to help detect and block harmful apps automatically.

Call for Vigilance

The advisory urges all public and affiliated organizations to share this information across departments and implement necessary precautions. This latest warning underscores the need for heightened awareness among Pakistani users, especially given the evolving nature of global cyber threats. The use of deceptive tactics by malware developers makes it more critical than ever to stay informed and cautious while downloading apps.

For now, users are strongly advised to check their installed applications and follow the government’s recommendations to avoid falling victim to data theft or financial fraud.