It targets Arabic speakers .. Security experts warn Android users of dangerous messaging app

Security experts have warned users of Android devices of a dangerous new messaging service that appears to have been designed to secretly spy on users who are believed to be mostly Arabic-speaking.

The popular messaging service known as the "Welcome Chat" itself is marketed through its ability to send "secure communications", but researchers at ESET for cyber security discovered that they quietly stored text messages, photos, etc. on a site freely available via The Internet, where cybercriminals can easily see or steal it.

It enables the application to persuade users to use it as a messaging service, and when users install it on their device, it requests permissions such as the ability to send and display short text messages (SMS), access to files and voice recording, and access to contacts and the device's location.

Such an alarmingly comprehensive list of permissions might make people complain, but with the messaging app, these features are required for the app to deliver the promised service.

Not only that, but "Wellcome Chat" was also actively used by hackers as a spy tool to monitor users' data and messages by program developers from the moment they registered for the service.

According to research from cybersecurity, the application is designed to connect to the central server every five minutes, with downloading some excerpts from the user's last conversations with friends, family, and colleagues.

The research team revealed that the spying application targeted Arabic-speaking users, since both the site's language and the language inside the application are Arabic.

Fortunately, Welcome to Chat was never available in the Google Play store and is only available when downloaded directly from third-party app stores across the Internet.

Often users in these stores search for banned apps, old versions of software, or free versions of paid apps.

The researchers, who identified "Welcome Chat" as a security threat, concluded that "while it appears that the application-based espionage operation is targeting a simple category, we strongly recommend that users do not install any applications from outside the official Google Play store."

"Moreover, users should pay attention to the permissions requested by the applications, and doubt any applications that require permissions beyond their services," they added.