Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

ESET Research discovers new spyware posing as messaging apps targeting users in the UAE

Two Android spyware families impersonate Signal and ToTok to steal sensitive data from UAE users, with ProSpy discovered in June 2025 and ToSpy active since mid-2022.

  • On Oct. 02, 2025, ESET Research disclosed two previously undocumented Android spyware families named ProSpy and ToSpy, which impersonate Signal app and ToTok app to target Android users.
  • Researchers say ProSpy has likely been active since at least 2024, while ToSpy likely began on June 30, 2022 and remains active with command-and-control servers.
  • Distributing the malware, threat actors used deceptive websites impersonating Signal and ToTok plus a fake Samsung Galaxy Store page hosting malicious APKs.
  • UAE users face data theft, with spyware exfiltrating contacts, ToTok chat backups, images, documents, audio, video, and maintaining persistence via foreground service and AlarmManager.
  • Researchers recommended keeping Play Protect active and avoiding third-party APK installs as ESET published IoCs while attribution remains inconclusive; ToTok's removal over surveillance concerns likely influenced its use as a lure.
Insights by Ground AI

13 Articles

Tech RadarTech Radar
Center

Android spyware pretends to be Signal or ToTok update to fool victims - here's how to stay safe

Two campaigns are targeting people in UAE and the wider region with infostealing malware.

·United Kingdom
Read Full Article
CyberScoopCyberScoop
Center

Android spyware disguised as legitimate messaging apps targets UAE victims, researchers reveal

Researchers have found two Android spyware families masquerading as messaging apps Signal and ToTok, apparently targeting residents of the United Arab Emirates. ESET revealed the spyware campaigns Thursday in a blog post, saying that researchers discovered it in June but believe it dates back to last year. They dubbed the campaigns ProSpy and ToSpy, with the first impersonating both Signal and ToTok, and the second just ToTok. ToTok has been eff…

Read Full Article
BleepingComputerBleepingComputer
Reposted by
unsafe.shunsafe.sh
Center

Android spyware campaigns impersonate Signal and ToTok messengers

Two new spyware campaigns that researchers call ProSpy and ToSpy lured Android users with fake upgrades or plugins for the Signal and ToTok messaging apps to steal sensitive data.

Read Full Article
BenzingaBenzinga
+2 Reposted by 2 other sources
Center

ESET Research discovers new spyware posing as messaging apps targeting users in the UAE

ESET Research has uncovered two previously undocumented Android spyware families, which ESET has named Android/Spy.ProSpy and Android/Spy.ToSpy. ProSpy impersonates both Signal and ToTok, while ToSpy targets ToTok users exclusively. Both malware families aim to exfiltrate user data, including documents, media, files, contacts, and chat backups. Confirmed detections in the UAE and the use of both phishing and fake app stores suggest regionally fo…

·New York, United States
Read Full Article
01net01net

Spying in Progress on Android: Two Spyware Programs Spread via Fake Apps

Two malware programs, ProSpy and ToSpy, are currently targeting Android smartphones by masquerading as popular apps. The virus duo aims to suck up all your personal data. To stay under the radar, they employ a variety of tactics.

Read Full Article
cybernoz.comcybernoz.com

Android spyware disguised as legitimate messaging apps targets UAE victims, researchers reveal - Cybernoz - Cybersecurity News

Open the article to view the coverage from cybernoz.com

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 83% of the sources are Center
83% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

Benzinga broke the news in New York, United States on Thursday, October 2, 2025.
Sources are mostly out of (0)

Similar News Topics

Apps icon

Apps

Smartphones icon

Smartphones

Android icon

Android

Signal icon

Signal

United Arab Emirates icon

United Arab Emirates

News
For You
SearchBlindspotLocal