Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
by MIYAGI - Wednesday September 20, 2023 at 04:53 AM
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that's designed to harvest sensitive information from compromised Android devices.

According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and chat messages to an actor-controlled server.

The activity has been codenamed Evil Telegram by the Russian cybersecurity company.

The apps have been collectively downloaded millions of times before they were taken down by Google. Their details are as follows -

電報,紙飛機-TG繁體中文版 or 電報,小飛機-TG繁體中文版 (org.telegram.messenger.wab) - 10 million+ downloads
TG繁體中文版-電報,紙飛機 (org.telegram.messenger.wab) - 50,000+ downloads
电报,纸飞机-TG简体中文版 (org.telegram.messenger.wob) - 50,000+ downloads
电报,纸飞机-TG简体中文版 (org.tgcn.messenger.wob) - 10,000+ downloads
ئۇيغۇر تىلى TG - تېلېگرامما (org.telegram.messenger.wcb) - 100+ downloads
The last app on the list translates to "Telegram - TG Uyghur," indicating a clear attempt to target the Uyghur community.

It's worth noting that the package name associated with the Play Store version of Telegram is "org.telegram.messenger," whereas the package name for the APK file directly downloaded from Telegram's website is "org.telegram.messenger.web."

The use of "wab," "wcb," and "wob" for the malicious package names, therefore, highlights the threat actor's reliance on typosquatting techniques in order to pass off as the legitimate Telegram app and slip under the radar.
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Suspected Scamming | Contact us via http://breachedu76kdyavc6szj6ppbplfqoz3p...on/contact if you feel this is incorrect.
form chinese?

Possibly Related Threads…
Thread Author Replies Views Last Post
  Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan bugX 0 416 11-11-2023, 03:09 PM
Last Post: bugX
  Hacker leaks millions of new 23andMe genetic data profiles En3ronthegreat 6 1,466 10-26-2023, 11:01 AM
Last Post: omegatiger57
  Google Chrome just rolled out a new way to track you and serve ads. William1992 24 2,044 09-19-2023, 08:51 PM
Last Post: komi
  Turning Telegram into a social network? sentap 21 2,265 09-09-2023, 08:19 PM
Last Post: smhbyn
  Fake Call Centre in Hyderabad Busted for Duping US Citizens Patoslam 0 515 09-03-2023, 07:02 AM
Last Post: Patoslam

 Users browsing this thread: 1 Guest(s)