Cockroach Janta Party Malware APK Spreading on Android, Warns TraceX Labs

TraceX Labs has issued a critical security advisory warning Android users about a dangerous spyware campaign involving a fake Cockroach Janta Party malware APK. According to cybersecurity researchers, the malicious Android application is actively spreading through WhatsApp, Telegram channels, and unofficial APK download websites in an attempt to infect devices and steal sensitive user information.

The report identifies the fake Cockroach Janta Party APK as a sophisticated Android Remote Access Trojan (RAT) and spyware capable of intercepting OTPs, monitoring user activity, stealing contacts and messages, and accessing files stored on infected smartphones. Researchers classified the malware threat level as CRITICAL due to its extensive surveillance capabilities and abuse of Android accessibility features.

According to the TraceX Labs investigation, the malware APK is spreading through WhatsApp APK sharing, Telegram groups, fake download pages, and third-party APK distribution websites. Researchers explained that attackers are using politically themed branding and social engineering tactics to gain user trust and convince victims to manually install the APK on Android devices.

One of the most dangerous findings highlighted in the advisory is the large number of permissions requested by the malware once installed. The fake application reportedly requests access to SMS messages, contacts, call logs, camera, device storage, and Android accessibility services. Security researchers warn that granting these permissions could provide attackers with broad control over the infected device and allow access to highly sensitive personal information.

TraceX Labs specifically identified abuse of Android Accessibility Services as one of the malware's most dangerous capabilities. According to researchers, if accessibility permissions are enabled, the spyware may gain the ability to read on-screen content including OTPs and passwords, capture banking-related information, perform automated clicks, interact with applications silently in the background, and bypass Android security warnings.
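As an added example (not code from TraceX Labs or the advisory), the permission pattern described above can be checked for during triage of an unknown APK by scanning its decoded `AndroidManifest.xml` for a declared accessibility service combined with the data-access categories the report lists. The mapping from the advisory's categories to Android permission names, the three-category threshold, and the sample manifest are assumptions made for illustration; the manifest must already be decoded to text XML.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping from the advisory's categories to Android permission names.
RISKY = {
    "sms": {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS"},
    "contacts": {"android.permission.READ_CONTACTS"},
    "call_log": {"android.permission.READ_CALL_LOG"},
    "camera": {"android.permission.CAMERA"},
    "storage": {"android.permission.READ_EXTERNAL_STORAGE",
                "android.permission.WRITE_EXTERNAL_STORAGE",
                "android.permission.MANAGE_EXTERNAL_STORAGE"},
}
A11Y_BIND = "android.permission.BIND_ACCESSIBILITY_SERVICE"


def triage_manifest(xml_text):
    """Return (matched categories, accessibility service class names)."""
    root = ET.fromstring(xml_text)
    requested = {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}
    categories = sorted(c for c, perms in RISKY.items() if perms & requested)
    # An accessibility service is a <service> protected by BIND_ACCESSIBILITY_SERVICE.
    services = [s.get(ANDROID_NS + "name") for s in root.iter("service")
                if s.get(ANDROID_NS + "permission") == A11Y_BIND]
    return categories, services


def is_high_risk(xml_text, min_categories=3):
    """Flag an accessibility service combined with several data-access categories.

    The threshold is an illustrative heuristic, not a value from the advisory.
    """
    categories, services = triage_manifest(xml_text)
    return bool(services) and len(categories) >= min_categories


# Constructed sample manifest (not taken from the real APK).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.READ_CALL_LOG"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <service android:name=".HelperService"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    print(triage_manifest(SAMPLE), is_high_risk(SAMPLE))
```

A match is a reason to escalate the sample for analysis, not proof of malice, since legitimate assistive apps also declare accessibility services.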

The cybersecurity firm also conducted a detailed reverse engineering analysis of the APK using Android malware analysis and decompilation tools. The investigation uncovered multiple embedded spyware modules capable of SMS interception, OTP forwarding, contact theft, call history extraction, device fingerprinting, gallery and media theft, file collection from storage, process monitoring, network activity tracking, and background surveillance operations.

Researchers noted that the malware appears specifically designed for long-term surveillance, credential theft, and financial fraud operations rather than simple spam or adware activity. The report further revealed that the spyware continuously communicates with remote infrastructure while blending malicious traffic with legitimate encrypted internet activity, making detection more difficult during normal network monitoring.

During network traffic analysis, researchers observed the malware actively transmitting sensitive information from infected devices. According to the advisory, the spyware can exfiltrate SMS messages, OTPs, contacts, call logs, photos, media files, device identifiers, stored documents, and SIM-related information.

TraceX Labs warned that the malware's capabilities could expose victims to identity theft, banking fraud, account compromise, and serious privacy risks. The cybersecurity firm advised Android users to install apps only from trusted app stores, avoid APK files shared through WhatsApp or Telegram, carefully review app permissions, and never grant accessibility permissions to unknown applications.

Researchers emphasized that Android spyware campaigns are becoming increasingly sophisticated as attackers continue using social engineering and unofficial APK distribution methods to target users at scale.

Report: https://tracexlabs.com/reports/cockroach-janta-party-malware-threat-report-2026.html