Telegram: Infected clones of Telegram app stealing user data: How to spot them

Last week, cybersecurity company ESET reported about malicious Telegram and Signal apps masquerading on the Google Play Store. Now, another report has found clones of the Telegram app that are spying on their users.
According to a report by Kaspersky, these clone apps steal user messages, contacts lists and other data. These apps appear to have been tailored for Chinese-speaking users and the Uighur ethnic minority.
“To persuade users to download these mods instead of the official app, the developer claims that they work faster than other clients thanks to a distributed network of data centres around the world,” the report said.
The company said that these apps look similar to the legitimate app but the code is slightly modified that escaped the attention of the Google Play moderators: the infected versions house an additional module.
The module constantly monitors what’s happening in the messenger and sends masses of data to the spyware creators’ command-and-control server. The data include “all contacts, sent and received messages with attached files, names of chats/channels, name and phone number of the account owner.”
China-linked Signal, Telegram apps
Last week, a team of researchers discovered two Android apps that are distributed by Chinese hackers and are stealing users’ private data. ESET researchers said that there are active campaigns linked to the China-aligned APT group known as GREF, distributing espionage code via two apps: Signal Plus Messenger and FlyGram.
These apps were spotted on the Google Play store, Samsung Galaxy Store, and dedicated websites. Both Google and Samsung removed the apps from their respective app stores.

Source link

About manashjyoti

Check Also

Google to discontinue Podcasts in 2024

Google has announced that it will discontinue the Google Podcasts in 2024. “Looking forward to …

Leave a Reply

Your email address will not be published. Required fields are marked *