Android Spyware Campaign "Arsink" Targets Users in 143 Countries via Fake Popular Apps

A new Android spyware campaign named Arsink is targeting users across 143 countries by disguising itself as popular applications such as WhatsApp, YouTube, Instagram, and TikTok. Identified by researchers at Zimperium zLabs, this malware operates as a Remote Access Trojan (RAT), enabling the exfiltration of sensitive data—including SMS messages, contacts, call logs, and location—as well as the execution of remote commands. No specific start date for the campaign has been mentioned. The malware bypasses Android security mechanisms using obfuscation and persistence techniques.