On 16 June 2024, the New Straits Times (NST) reported that two Malaysians who were members of the ‘Trojan Spymax’ syndicate were extradited to Singapore.

During an operation conducted by the Bukit Aman Commercial Crime Investigation Department (CCID), Interpol and the Singapore Police Force (SPF) arrested the two individuals.

These two individuals were charged with operating servers to infiltrate Android mobile phones with malicious intent to control the phones.

They played the roles of malware seller and manager of server rentals that house Android Package Kit (APK) files.

What happens?

Trojan Spymax is known as an international fraud syndicate that offers products and services through social media platforms such as Facebook and Instagram.

As part of the purchasing process, interested buyers would be provided with links to Android Package Kit (APK) files that need to be installed on their phone.

The APK files provided have malicious software that could hack into victims’ phones, allowing the fraud syndicate to control the phone to access One-Time Passwords (OTPs), screen mirroring, contact lists, and remote access to the victim’s devices.

All this allows the scammer to modify the contents of the victim’s mobile phone and gain access to their bank accounts.

Our Advice

To stay away from malicious APK files and ensure your device’s security, follow these steps:

1. Download from Trusted Sources

Official Stores: Only download APKs from reputable sources such as Google Play Store, Amazon Appstore, or the device manufacturer’s official store.

Verified Websites: If you need to download an APK outside of official stores, use well-known and trusted websites like APKMirror, which has a reputation for verifying the safety of their files.

2. Check App Permissions

Review Permissions: Before installing an APK, review the permissions it requests. If an app asks for permissions that seem unnecessary for its function (e.g., a calculator asking for camera access), be cautious.

3. Enable Google Play Protect

Activate Play Protect: Ensure that Google Play Protect is enabled on your device. It scans your apps and device for harmful behavior and warns you about potential threats.

4. Keep Your Device Updated

OS Updates: Regularly update your device’s operating system to protect against security vulnerabilities.

App Updates: Keep all your apps up to date as developers frequently release security patches.

5. Use Antivirus Software

Install Reputable Security Apps: Use a reliable mobile antivirus app to scan for malware and protect your device from threats.

6. Verify APK Signatures

Signature Verification: Use tools to check the digital signature of an APK file before installing it. Tools like APKMirror Installer or online services can help verify the integrity of the APK.

7. Read Reviews and Ratings

User Feedback: Check user reviews and ratings of the app. Beware of apps with few downloads, no reviews, or overwhelmingly negative feedback.

8. Avoid Clicking on Untrusted Links

Phishing Awareness: Do not click on links or download APKs from unsolicited emails, messages, or untrusted websites.

9. Disable Unknown Sources

Restrict Installations: Go to your device’s security settings and ensure that the option to install apps from unknown sources is disabled. Only enable it temporarily if you need to install a specific APK from a trusted source, then disable it again immediately after.

10. Backup Your Data

Regular Backups: Regularly back up your data to mitigate the impact of potential security incidents.

11. Be Cautious with Public Wi-Fi

Secure Connections: Avoid downloading apps or performing sensitive transactions over public Wi-Fi. Use a VPN if you need to access the internet from a public network.

Condition Zebra provides Cybersecurity Solutions and Cybersecurity Training for public and private SMEs in various industries, Financial Services (Banks and insurance), Government Ministries and agencies, and Government-linked companies.

Our mission is to utilise a unique strategy of combining key technologies with expertise in Information Security and Risk Management to fully prepare clients to prevent and deal with cybersecurity incidents.

Condition Zebra’s Managed Detection and Response (MDR) solution is a comprehensive cybersecurity service that utilises the real-time threat detection and response capabilities of an EDR or XDR to detect, investigate, and respond to cyber threats.

Our Penetration Testing service is a well-sought type of Cyber Security Service recognised as accredited by the Accreditation body CREST.


Two members of ‘Trojan Spymax’ syndicate extradited

Share this: