It can start with a simple WhatsApp message carrying what appears to be a festive greeting. The message might urge users to download an attached APK file to view customised wishes and share them with friends. Cyber experts explained that these malicious APK files are designed to silently take control of the device once installed. But APK files can also be downloaded from other websites or shared through apps like WhatsApp, SMS or even email. That is why APK files should only be installed if the source is fully trusted, and ideally avoided altogether when received through messages or links.

Source: Indian Express December 28, 2025 04:46 UTC