Beware of Malicious Android Apps: DONOT Group’s Sneaky Chat Platform Scam in South Asia

Stealthily disguised as a chat app, “Tanzeem” is DONOT’s latest trick to exploit OneSignal and swipe sensitive data from South Asia. Instead of chatting, users end up granting the malicious app all-access passes to their private lives. This might just be the most anti-social social app yet.

3P
Published: January 20, 2025 4:12 pmAdded: January 20, 2025 at 8:31 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Ah, the old “trusty chat app” trick—DONOT is at it again, proving that even malware creators have a favorite disguise. Maybe next time they’ll make it a ‘Wholesome Puppy Photo Sharing Platform’—that’d surely reel in the clicks! But on a serious note, if an app named “Tanzeem” wants to know where you are, who you’re calling, and what’s in your storage, it’s probably not just interested in your latest TikTok dance moves.

Key Points:

  • The malicious app “Tanzeem” is used by the DONOT APT group from India for intelligence gathering.
  • The app masquerades as a chat platform but requires dangerous permissions once installed.
  • It exploits OneSignal for phishing attacks, marking a new method for the DONOT group.
  • Targeted data includes call logs, location, and sensitive inputs, sent to specific C2 servers.
  • DONOT’s reach extends to various South Asian organizations using evolving tactics.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?