According to a report released from Facebook this week, a hacker group based out of India and Pakistan is spying on thousands of users by tricking them into downloading malware that resembles popular messaging apps.

The group, calling itself Bitter APT, has been installing this malware on Android devices via fake versions of encrypted messaging apps like WhatsApp, Signal and Telegram. According to Facebook, this malware can do everything from stealing call logs and geolocation data to accessing users’ cameras and microphones. And because the malware appears like a legitimate app, many anti-virus systems can’t find it.

“It shows that Bitter has managed to reimplement common malicious functionality in a way that went undetected by the security community for some time,” Facebook wrote in a report.

Facebook also said that it has identified more than 10,000 users in nine countries who may have been affected by this scam. Thankfully, the company says it will contact these users individually to let them know.

“If we think that you might have come into any contact with any of these groups, we want to alert you and we want to tell you the tools that you can use to secure your online presence,” Facebook head of cyber espionage investigations Mike Dvilyanski told Forbes.

As always, it’s a good idea to avoid downloading anything from a strange link you receive via Facebook. Even if it appears innocuous, there’s no telling what hidden dangers it could contain for your privacy.

Recommended Resources

Choose what the experts use: award-winning cybersecurity you can trust and rely on.

Surf the web truly incognito. Try Bitdefender Premium VPN, the ultra-fast VPN that keeps your online identity and activities safe from hackers, ISPs and snoops.

System Mechanic 14 – Make your computer run like new. Winner of 200+ Editor’s Choice awards!