Fake VPN apps are being used to distribute Bahamut spyware in a campaign that is active since January. The campaign is conducted by a group of the same name and the main purpose is to extract sensitive user data from devices. So far, eight versions of these malicious apps have been discovered to be distributed via a website.