TechnologyTop Stories
Telegram: Infected clones of Telegram app stealing user data: How to spot them
Last week cyber security company ESET reported about Malicious Wire And Signal disguised apps on Google play store. Now, another report has found clones of Telegram app spying on its users.
according to a report by KasperskyThese clone apps steal user’s messages, contact list and other data. It appears that these apps are designed for Chinese speaking users and Uyghur Ethnic minority.
The report states, “To persuade users to download these mods instead of the official app, the developer claims that they work faster than other clients due to their distributed network of data centers around the world.” Are.”
The company said these apps look identical to legitimate apps but have slightly modified code that escaped the attention of Google Play moderators: the infected versions contain an additional module.
The module constantly monitors what is happening in the messenger and sends tons of data to the command-and-control servers of the spyware creators. The data includes “all contacts, sent and received messages with attached files, chat/channel names, account owner names, and phone numbers.”
Signal, Telegram apps linked to China
Last week, a team of researchers discovered two Android apps that have been distributed by Chinese hackers and are stealing users’ private data. ESET researchers say there are active campaigns involving China-aligned APTs known as the group G R E FDistributing spy codes via two apps: Signal Plus Messenger and flygram,
These apps were found on the Google Play Store, samsung galaxy store, and dedicated websites. Google and both SAMSUNG The apps were removed from their respective app stores.
according to a report by KasperskyThese clone apps steal user’s messages, contact list and other data. It appears that these apps are designed for Chinese speaking users and Uyghur Ethnic minority.
The report states, “To persuade users to download these mods instead of the official app, the developer claims that they work faster than other clients due to their distributed network of data centers around the world.” Are.”
The company said these apps look identical to legitimate apps but have slightly modified code that escaped the attention of Google Play moderators: the infected versions contain an additional module.
The module constantly monitors what is happening in the messenger and sends tons of data to the command-and-control servers of the spyware creators. The data includes “all contacts, sent and received messages with attached files, chat/channel names, account owner names, and phone numbers.”
Signal, Telegram apps linked to China
Last week, a team of researchers discovered two Android apps that have been distributed by Chinese hackers and are stealing users’ private data. ESET researchers say there are active campaigns involving China-aligned APTs known as the group G R E FDistributing spy codes via two apps: Signal Plus Messenger and flygram,
These apps were found on the Google Play Store, samsung galaxy store, and dedicated websites. Google and both SAMSUNG The apps were removed from their respective app stores.
#Telegram #Infected #clones #Telegram #app #stealing #user #data #spot
