If you've unwittingly installed what you thought were Signal and Telegram messaging apps on your Android phone, it's crucial to act swiftly.
Two deceptive apps, Signal Plus Messenger and FlyGram, were recently discovered masquerading as the genuine apps and have since been removed from official stores and third-party sources.
These counterfeit versions of Signal and Telegram infiltrated the Play Store and Galaxy Store, gaining unsuspecting victims.
Shockingly, Signal Plus Messenger remained listed for a staggering nine months in the Play Store, accumulating over 100 downloads before it was eventually taken down by Google.
FlyGram, developed by the same entity, met the same fate in 2021.
Researchers from Slovak cybersecurity firm ESET uncovered that these apps were not what they seemed; instead, they carried malware that posed a significant threat to users.
Even after removal from official stores, the danger persists if you've downloaded these apps. They can lurk on your device, potentially compromising your personal data.
Google has classified them as malicious apps capable of pilfering your sensitive information.
If you have them on your phone, ensure you unlink your Signal and Telegram accounts from these imposters before deleting them.
ESET researchers revealed that the fake Telegram app had the ability to extract essential device information, including contact lists, Google accounts, and call logs.
Furthermore, it featured a data backup function to a remote server controlled by malicious actors.
The malicious Signal Plus app had the capability to intercept and transmit both sent and received messages to a remote server. This malware was attributed to a Chinese-based group known as BadBazaar.
The culprits even established dedicated websites for both apps to lend them an air of legitimacy, complete with links to install the apps directly from the Google Play Store.
What's more, these bogus apps could surreptitiously record phone calls and access device cameras.
Initially targeting users in China, their scope expanded to include victims in Ukraine, Poland, the Netherlands, Spain, Portugal, Germany, Hong Kong, and the United States.
Title: Protect Your Android Device: Remove Fake Apps and Stay Secure
Additionally, regularly check your Connected Devices list to ensure no unauthorised access has occurred.
If you did install the fake apps, you might need to take more drastic measures, such as purchasing a new device or wiping your phone, to remove any unknown devices from your Signal or Telegram accounts.
If you own a Galaxy phone, verify that neither of these fake apps has infiltrated your device, even though their listings now show as "Application not supported" or "This app is no longer available for purchase or is not supported in this country."
In conclusion, safeguarding your smartphone starts with making informed choices about the apps you install.
In this case, there was no legitimate reason to install fake versions of Signal or Telegram, so always prioritize your device's security over enticing promises.
0 Comments