{"id":236803,"date":"2026-05-08T22:30:38","date_gmt":"2026-05-09T03:30:38","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2026\/05\/fake-call-history-apps-stole-payments-from-users-after-7-3-million-play-store-downloads"},"modified":"2026-05-08T22:30:38","modified_gmt":"2026-05-09T03:30:38","slug":"fake-call-history-apps-stole-payments-from-users-after-7-3-million-play-store-downloads","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2026\/05\/fake-call-history-apps-stole-payments-from-users-after-7-3-million-play-store-downloads","title":{"rendered":"Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/fake-call-history-apps-stole-payments-from-users-after-7-3-million-play-store-downloads.jpg\"><\/a><\/p>\n<p>Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick users into joining a subscription that provided fake data and incurred financial loss.<\/p>\n<p>The 28 apps have collectively racked up more than 7.3 million downloads, with one of them alone accounting for over 3 million downloads, before they were taken down from the official app storefront. The activity, codenamed <strong>CallPhantom<\/strong> by Slovakian cybersecurity company ESET, primarily targeted Android users in India and the broader Asia-Pacific region.<\/p>\n<p>\u201cThe offending apps, which we named CallPhantom based on their false claims, purport to provide access to call histories, SMS records, and even WhatsApp call logs for any phone number,\u201d ESET security researcher Luk\u00e1\u0161 \u0160tefanko <a href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/fake-call-logs-real-payments-how-callphantom-tricks-android-users\/\">said<\/a> in a report shared with The Hacker News. \u201cTo unlock this supposed feature, users are asked to pay \u2014 but all they get in return is randomly generated data.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick users into joining a subscription that provided fake data and incurred financial loss. The 28 apps have collectively racked up more than 7.3 million downloads, [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,45,1512],"tags":[],"class_list":["post-236803","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-finance","category-mobile-phones"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/236803","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=236803"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/236803\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=236803"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=236803"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=236803"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}