The Bahamut APT group distributes at least eight malicious apps that pilfer victims’ data and monitor their messages and conversations
This week, ESET researchers published their analysis of a malicious campaign where the Bahamut APT group targets Android users via trojanized versions of two legitimate VPN apps – SoftVPN and OpenVPN. Since January 2022, Bahamut has distributed at least eight malicious apps in order to pilfer sensitive user data and actively spy on victims’ messaging apps. These apps were never available for download from Google Play; instead, they were distributed through a fake SecureVPN website.
Watch the video to learn more.
Full technical details are available here: Bahamut cybermercenary group targets Android users with fake VPN apps