All about Google
All about Google Play Store
Malicious apps used for espionage were found on the Google Play Store and Samsung Galaxy Store. Brazil is on the list of affected places.
Signal Plus Messenger and Flygram applications are malicious versions of the popular Signal and Telegram messaging apps, and feature the Badbazaar named spyware.
According to ESET, a cybersecurity company that has identified the threat, applications managed by the Chinese Hacker Group GREF have taken advantage that sign and telegram applications are open to redo them, deploying the malicious spy code.
Read more:
Brazil is on the list
In addition to Brazil, there are other countries affected: Denmark, Democratic Republic of Congo, Germany, Hong Kong, Hungary, Lithuania, Netherlands, Poland, Portugal, Singapore, Spain, Ukraine, the United States and Yemen.
As reported by Bleeping Computer, Flygram has been on the Google Play Store since July 2020 and was removed in January 2021. During this period it added 5,000 facilities. By the time of publication of this article, the app is still available at Samsung Galaxy Store.
Signal Plus Messenger was placed at Google and Samsung stores in July 2022. Google removed in May. In the Galaxy Store, the application still appears available.
How do malicious applications work?
Experts describe that the intention of these applications is to extract user data. In the case of Flygram, the ability to withdraw information such as contact list, call records, and user’s Telegram account information was identified.
When users activated the backup and restoration of data from Telegram, the remote server controlled by malicious agents obtained the communication data of the social network.
ESET’s analysis indicates that 13,953 Flygram accounts activated the backup/data restoration feature. The total number of users of the copy of Telegram was not disclosed.
The malicious copy of the signal collected similar information, but the main purpose of this application was to spy on communications made by the messenger, extracting PIN codes that are used to protect signal accounts.
Have you ever watched the new videos on YouTube of the digital look? Subscribe to the channel!