Photo de Clint Patterson sur Unsplash

Beware of these fake Telegram applications: Real malware 👾

Cliquez ici pour lire en français

After recent alerts concerning the Flygram and Signal Plus Messenger applications, Telegram is now at the centre of spying suspicions. Rest assured, the official platform is one of the most secure, as it is based on a fairly powerful encryption protocol.

Telegram vs Malicious Clones ⚔️

The Play Store is once again the home of spyware. Pernicious clones are being put online by hackers trying to steal user information. The alert has been issued by Kaspersky, one of the world’s leading cybersecurity companies. Researchers recently discovered suspicious lines of code and malware in several fake Telegram apps. 😟
This spotted malware is said to have the ability to spy on conversations, precisely track a device’s location, intercept call logs, text messages, record phone calls, take photos, or exfiltrate contact lists. Basically, no more protecting your personal and sensitive data. 🥵 What’s more, these operations are carried out in the background without the user noticing. The application systematically spies on your every move. This information is then quickly transmitted to malicious actors as soon as it is detected.
Although they are fake, these applications have all the official features. They faithfully mimic the interface, making it difficult to detect. What’s more, with more than 60,000 installations, it’s clear that this campaign has succeeded in attracting a large number of potential victims thanks to a tempting description. What about Google’s reaction?

Google’s response 😓

In response to these reports, Google has happily removed these applications from the Play Store and stated :

« We take security and privacy complaints against apps seriously, and if we find that an app has breached our policies, we take appropriate action. Users are also protected by Google Play Protect, which can warn users or block applications known to exhibit malicious behaviour on Android devices with Google Play services »

However, this incident comes just days after an ESET report highlighted the prevalence of the BadBazaar malware campaign. The latter exploited a malicious version of Telegram to collect chat backups.

Vigilance is the order of the day 👮🏾‍♀️

Reports from Kaspersky researchers have enabled Google to remove these applications from the Play Store. The developers behind the malicious operation have also been banned, but the threat has not been eliminated.
In fact, this type of application can still be found on the Play Store. What’s more, other messaging applications could be masquerading as legitimate applications, pursuing the same espionage objectives and motives. One way of spotting them is to look at the package descriptions. But users could easily be fooled, especially as these malicious applications have been massively downloaded.
So, what do you think?
Sources: 01Net, ESET

Qu'en avez-vous pensé?

Je suis fan
Je me questionne

Vous pourriez aussi aimer

Laisser une réponse

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *

Plus dans:News