'Evil Telegram' Android apps on Google Play infected 60K with spyware

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,600
Content source
https://www.bleepingcomputer.com/news/security/evil-telegram-android-apps-on-google-play-infected-60k-with-spyware/
Several malicious Telegram clones for Android on Google Play were installed over 60,000 times, infecting people with spyware that steals user messages, contacts lists, and other data.

The apps appear to be tailored for Chinese-speaking users and the Uighur ethnic minority, suggesting possible ties to the well-documented state monitoring and repression mechanisms.

The apps were discovered by Kaspersky, who reported them to Google. However, at the time the researchers published their report, several malicious apps were still available for download through Google Play.
Click to expand...
Dangers of modded messaging apps

Late last month, ESET warned about two trojanized messaging apps, Signal Plus Messenger and FlyGram, promoted as more feature-rich versions of the popular open-source Signal and Telegram apps.

Now removed from Google Play and the Samsung Galaxy Store, those apps contained the BadBazaar malware that allowed their operators, the Chinese APT 'GREF,' to spy on their targets.

Earlier this year, ESET discovered two dozen Telegram and WhatsApp clone sites distributing trojanized versions of the popular messaging apps, also targeting Chinese-speaking users.

Users are recommended to use the genuine versions of messaging apps and avoid downloading forked apps that promise enhanced privacy, speed, or other features.

Google has been unable to stop these malicious uploads mainly because the publishers introduce malicious code via post-screening and post-installation updates.

In July, the tech giant unveiled a strategy to implement a business verification system on the Google Play store starting on August 31st, 2023, aiming to enhance security for Android users.
Click to expand...
www.bleepingcomputer.com

'Evil Telegram' Android apps on Google Play infected 60K with spyware

Several malicious Telegram clones for Android on Google Play were installed over 60,000 times, infecting people with spyware that steals user messages, contacts lists, and other data.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: TairikuOkami, upnorth, vtqhtr413 and 3 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
    • Wow
Trojanized Signal and Telegram apps on Google Play and Samsung Galaxy Store delivered spyware
Replies
7
Views
1,305
News Archive
cartaphilus
cartaphilus
CyberTech
    • Like
    • +Reputation
Android adware apps on Google Play amass two million installs
Replies
0
Views
702
News Archive
CyberTech
CyberTech
Ink
    • Like
    • +Reputation
Malware News 12 Malicious Messaging Apps found on Google Play Store; VajraSpy RAT
Replies
0
Views
877
Security News
Ink
Ink

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top