250+ Malicious Apps and 80 Phishing Domains Uncovered in SarangTrap Campaign
Zimperium, the world leader in mobile security, announced its zLabs threat research team has uncovered a highly coordinated and emotionally manipulative malware campaign that is targeting mobile users through fake dating and social networking apps. The campaign, identified as SarangTrap, has already leveraged over 250 malicious Android apps and more than 80 phishing domains, all designed to steal sensitive data while masquerading as trusted platforms.
These apps, once installed, request access to contacts, images, and other sensitive data, all while presenting a slick, believable interface that mimics legitimate dating services. Victims have reported being lured in with emotionally charged interactions and exclusive “invitation codes,” only to later face extortion threats after their private information was silently exfiltrated.
“This is more than just a malware outbreak, it’s a digital weaponization of trust and emotion,” said the zLabs research team. “Users seeking connection are being manipulated into granting access to some of their most personal data.”
The campaign is active across both Android and iOS platforms, using deceptive installation methods such as malicious configuration profiles on iOS to gain access to contacts, photos, and device identifiers. Many of the phishing domains were even indexed by popular search engines, making them appear legitimate to unsuspecting users searching for dating or social apps.
Zimperium strongly urges mobile users to:
- Be cautious of apps requiring unusual permissions or invitation codes
- Avoid downloading apps from unfamiliar links or unofficial app stores
- Regularly review device permissions and installed profiles
- Install on‑device mobile security solution to help detect and block malicious apps
Also read:Â Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
