ESET Uncovers Fraudulent Android Apps in CallPhantom Campaign

ESET researchers identified fraudulent Android apps on Google Play that falsely promised to display call history "for any number." These apps, part of the CallPhantom campaign, were downloaded over seven million times before being removed from the platform. The apps deceived users by generating fake call logs while facilitating unauthorized payments through hidden premium services. No specific technical indicators (e.g., CVE IDs) or exact removal dates were disclosed in the report. The primary impact involved financial fraud and misuse of Android permissions to exploit users. The apps targeted Android users globally via Google Play.