The Reveal Platform
Intel Name: Android malware promises energy subsidy to steal financial data
Date of Scan: August 19, 2025
Impact: Medium
Summary: A recent Android phishing campaign targeting Indian users disguises itself as a government electricity subsidy service. The attackers use social engineering tactics, including YouTube videos, fake government-like websites, and a GitHub-hosted malicious APK, to trick users into installing malware. Once installed, the app steals financial data, intercepts text messages, sends smishing messages to contacts, and allows remote control via Firebase. The malware and its hosting repositories have since been reported and taken down. This campaign poses a serious threat to user privacy and financial security.
