Telegram is the second most popular messaging app after WhatsApp, and its ubiquity has made it a primer target for malicious actors. It turns out that a fake version of Telegram has been making the rounds, and it may have been invading your privacy by spying on you with all things having been considered and taken into account. Researchers from Eset have found that the app contains spyware which can make it harder to maintain privacy than might have been the case otherwise.
With all of that having been said and now out of the way, it is important to note that this app uses Shagle to initiate its attacks. Shagle is a video chat platform that is free to use, and users may have spotted an ad that tells them to download Telegram. The thing is, this app is entirely fake and its sole purpose is to glean sensitive data from you in large quantities.
One might think that Shagle is to blame, but in spite of the fact that this is the case the site is another victim to impersonation. Users who download the app likely didn’t visit the legitimate version of Shagle. Instead, they were taken to a site that tells them to download an app which is a real red flag since Shagle does not have any apps for people to use. It is available solely through its websites, so users really need to keep this in mind.
This fake Telegram app is part of a new coordinated malware campaign that is causing great harm to a large number of users who don’t know any better. The group behind this app is called StrongPity, and unsuspecting users who download the app might end up accidentally giving it access to various other apps that are on their phone.
Google is not to blame, even though the app is for Android phones. It is only available through the fake site, and that just goes to show that you need to avoid downloading apps from third parties since you never know how risky they can end up being.
Read next: 30% All Malicious Cloud Downloads Came From OneDrive
With all of that having been said and now out of the way, it is important to note that this app uses Shagle to initiate its attacks. Shagle is a video chat platform that is free to use, and users may have spotted an ad that tells them to download Telegram. The thing is, this app is entirely fake and its sole purpose is to glean sensitive data from you in large quantities.
One might think that Shagle is to blame, but in spite of the fact that this is the case the site is another victim to impersonation. Users who download the app likely didn’t visit the legitimate version of Shagle. Instead, they were taken to a site that tells them to download an app which is a real red flag since Shagle does not have any apps for people to use. It is available solely through its websites, so users really need to keep this in mind.
This fake Telegram app is part of a new coordinated malware campaign that is causing great harm to a large number of users who don’t know any better. The group behind this app is called StrongPity, and unsuspecting users who download the app might end up accidentally giving it access to various other apps that are on their phone.
Google is not to blame, even though the app is for Android phones. It is only available through the fake site, and that just goes to show that you need to avoid downloading apps from third parties since you never know how risky they can end up being.
Read next: 30% All Malicious Cloud Downloads Came From OneDrive
