Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Just a single malicious email can poison your AI agent’s memory: resea...
VIDA Demonstrates How Passwordless Authentication Can Break the Scam C...
New AI jailbreak techniques expose limits of safety defenses, prompt i...
The cyber incident that is too “isolated” to accentuate to mass media...
Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deploy...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

News

Fraudulent Android apps offers illegal data retrieval service to millions of users

By CybersecAsia editors | Tuesday, May 12, 2026, 2:01 PM Asia/Singapore

Fraudulent Android apps offers illegal data retrieval service to millions of users

28 fraudulent apps not only bypassed detection on the official app platform — they even charged subscriptions for a fake illegal service.

More apps on the official Google online store for Android apps have been found to be fraudulent yet allowed to appear on the trusted catalog.

This time, the scam apps involved have been offering to provide the call history “for any number” supplied by users after a paid subscription: detailed logs, including call histories, SMS records, and even WhatsApp activity.

In reality, the data delivered after payment was entirely fake, consisting of randomly generated phone numbers paired with prewritten names, timestamps, and call durations embedded within the app code. Users were charged for access to these features through various payment methods, including subscriptions and direct card payments.

App fraud details

A total of 28 such apps were identified, with combined downloads exceeding 7.3m. The majority of activity was concentrated in India, accounting for 53.7% of detections. Many apps appeared tailored to that market, with India’s +91 dialing code preselected and support for local payment systems such as UPI. Other characteristics discovered were:

  • The apps required minimal permissions and avoided requesting sensitive access, as they lacked any real capability to retrieve genuine telecommunications data. Their simple design and limited functionality helped them evade suspicion while still appearing legitimate to users seeking such services.
  • Pricing structures varied widely. Some apps offered weekly, monthly, or annual subscription tiers, with fees ranging from about €5 for lower tiers, to as high as US$80 for premium options.
  • Different payment methods were offered, with some transactions processed through official app store billing systems, while others redirected users to third-party services or in-app card entry forms — approaches that may violate platform policies.

Users who subscribed through official billing channels may be eligible for cancellations or refunds, particularly after the apps were removed from the platform. However, those who paid outside of  official systems must seek reimbursement directly from their payment providers, as platform operators cannot intervene in those cases.

According to Lukáš Štefanko, Security researcher, ESET, the firm that disclosed the fraud scheme to Google Play, the apps “…generate random phone numbers and match them with fixed names, call times, and durations…” and noted that no real data retrieval occurs.

Share:

PreviousTaiwan high-speed rail spoofing case exposes OT governance gaps, not isolated vulnerabilities
NextSU Group Announces Pricing of $6 Million Public Offering

Related Posts

Notorious threat group promoted to FIN status

Notorious threat group promoted to FIN status

Monday, October 19, 2020

DNS‑record analysis shows uneven DMARC enforcement among FIFA World Cup sponsors

DNS‑record analysis shows uneven DMARC enforcement among FIFA World Cup sponsors

Friday, April 17, 2026

The year of the three surges: the 2023 threat landscape

The year of the three surges: the 2023 threat landscape

Thursday, February 29, 2024

Survey indicates levels of banking security and customer trust in Indonesia

Survey indicates levels of banking security and customer trust in Indonesia

Thursday, April 10, 2025

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
  • Zero Trust Made Simple: Why it matters and how to get started

    Zero Trust Made Simple: Why it matters and how to get started

    Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
  • Cloud Secure Edge: Remote access, better security

    Cloud Secure Edge: Remote access, better security

    ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
  • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • How a Vietnamese D2C retailer built its own secure digital infrastructure

    How a Vietnamese D2C retailer built its own secure digital infrastructure

    Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
  • Cyber protection for medical clinics in Singapore

    Cyber protection for medical clinics in Singapore

    As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
  • India’s WazirX strengthens governance and digital asset security

    India’s WazirX strengthens governance and digital asset security

    Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
  • Bangladesh LGED modernizes communication while addressing data security concerns

    Bangladesh LGED modernizes communication while addressing data security concerns

    To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

  • VIDA Demonstrates How Passwordless Authentication Can Break the Scam Chain

    Monday, July 13, 2026
    KUALA LUMPUR, Malaysia, July 13, …Read More »
  • Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deployment at QNET

    Wednesday, July 8, 2026
    The Sparsa AI Enterprise Operating …Read More »
  • Conifers AI Opens Singapore Data Region, Bringing Local Data Residency to Asia-Pacific Security Teams

    Wednesday, July 8, 2026
    With data regions now spanning …Read More »
  • DXC Opens Flagship AI-first Customer Experience Center in Bengaluru

    Tuesday, July 7, 2026
    Strengthens DXC’s India presence with …Read More »
  • D-Link Brings Advanced AI Fall Detection and Privacy Protection to Home Elderly Care with the New DCS-8610 Wi-Fi Camera

    Monday, July 6, 2026
    Advanced technologies traditionally found in …Read More »
  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2026 CybersecAsia All Rights Reserved.