This Fake Telegram App Might Have Been Spying on You
Telegram is the second most popular messaging app after WhatsApp, and
its ubiquity has made it a primer target for malicious actors. It turns
out that a fake version of Telegram has been making the rounds, and it
may have been invading your privacy by spying on you with all things
having been considered and taken into account. Researchers from Eset have found that the app contains spyware which can make it harder to maintain privacy than might have been the case otherwise.
With
all of that having been said and now out of the way, it is important to
note that this app uses Shagle to initiate its attacks. Shagle is a
video chat platform that is free to use, and users may have spotted an
ad that tells them to download Telegram. The thing is, this app is
entirely fake and its sole purpose is to glean sensitive data from you
in large quantities.
One might think that Shagle is to blame, but
in spite of the fact that this is the case the site is another victim
to impersonation. Users who download the app likely didn’t visit the
legitimate version of Shagle. Instead, they were taken to a site that
tells them to download an app which is a real red flag since Shagle does
not have any apps for people to use. It is available solely through its
websites, so users really need to keep this in mind.
This fake
Telegram app is part of a new coordinated malware campaign that is
causing great harm to a large number of users who don’t know any better.
The group behind this app is called StrongPity, and unsuspecting users
who download the app might end up accidentally giving it access to
various other apps that are on their phone.
Google is not to blame, even though the app is for Android phones. It is only available through the fake site, and that just goes to show that you need to avoid downloading apps from third parties since you never know how risky they can end up being. m