TTB White LOGO TB
  • News
  • PC & Hardware
  • Mobiles
  • Gaming
  • Electronics
  • Gadget
  • Reviews
  • How To
Trending
Google Launches Hands-Free AI Chat in Search for Android, iOS
Snap Acquires Saturn: Social Calendar App for Students to Enhance Snapchat
AI at Risk? Anthropic Flags Industry-Wide Threat of Model Manipulation
Meta Courts Scale AI as Backup After Failed Perplexity Bid
How to Save PDFs and eBooks from Messages to Apple Books on Any Device
Sunday, Jun 22, 2025
The Tech BasicThe Tech Basic
Font ResizerAa
Search
  • News
  • PC & Hardware
  • Mobiles
  • Gaming
  • Electronics
  • Gadget
  • Reviews
  • How To
Follow US
Map 2
The Tech Basic > Mobiles > False Telegram and Signal applications spread spyware code among users.
MobilesNews

False Telegram and Signal applications spread spyware code among users.

Evelyn Blake
Last updated: 19 March 2024 20:35
Evelyn Blake
Share
Map 2
SHARE

Researchers from ESET, a proactive threat detection company, have discovered two malicious applications pretending to be Telegram and Signal to infect unsuspecting victims’ smartphones. The report states that the spyware code was identified on Android operating system devices, putting thousands of devices at risk.

According to the cybersecurity company’s study, the threat actors behind the tool are attributed to the Advanced Persistent Threat (APT) group GREF from China. It appears that the apps remained active and available for download from July 2020 to July 2022, during which time the hacker group operated by invading phones worldwide.

The infected applications were distributed through official Google system stores, such as the Play Store and Samsung’s Galaxy Store, as well as websites representing the malicious applications Signal Plus Messenger and FlyGram. The spyware malware was identified as “BadBazaar,” discreetly operating in the background without the victim’s awareness.

Based on their telemetry, ESET identified active Android campaigns in which an attacker uploaded and distributed malicious applications under the names Signal Plus Messenger and FlyGram via Google Play Store, Samsung Galaxy Store, and websites, mimicking the Signal app (signalplus[.]org) and an alternative Telegram app (flygram[.]org).

See below the map of affected countries:

False Telegram

The document points out that BadBazaar’s intention was to collect data stored in the device’s internal storage, such as notes in the notepad, login information, banking credentials, etc., and send them directly to the criminal, who could use these data to commit fraud, bank fraud, and other scams.

In the case of FlyGram, the “parallel” version of the Russian messenger, if users activate a specific FlyGram feature that allows them to back up and restore Telegram data on a remote server controlled by the attackers, the threat agent will have full access to these Telegram backups, not just the collected metadata.

Signal Plus Messenger, on the other hand, collects device data and similar confidential information; its main goal, however, is to spy on the victim’s Signal communications, potentially extracting the Signal PIN number that protects the account and misusing the device’s tethering feature that allows users to link Signal Desktop and Signal iPad.

Related:

WHATSAPP FOR NOW DOES NOT PLAN TO SHOW ADVERTISEMENTS.

DUOLINGO WILL SOON OFFER A UNIFIED APP FOR LANGUAGE, MATHEMATICS

TAGGED:Android
Share This Article
Facebook Reddit Copy Link Print
Share
Evelyn Blake
By Evelyn Blake
Follow:
Evelyn Blake is an investor in technology and journalist who has been in the nascent space since 2014. Her love and passion for technological innovations made her delve deeper into the world of technology evolution. As a journalist, Evelyn has been covering latest trends and emerging gadgetries. She is a philanthropist and human rights activist.

Let's Connect

FacebookLike
XFollow
PinterestPin
InstagramFollow
Google NewsFollow
FlipboardFollow

Popular Posts

Engadget

Google Launches Hands-Free AI Chat in Search for Android, iOS

Salman Akhtar
SnapChat

Snap Acquires Saturn: Social Calendar App for Students to Enhance Snapchat

Salman Akhtar
Anthropic

AI at Risk? Anthropic Flags Industry-Wide Threat of Model Manipulation

Salman Akhtar
Meta

Meta Courts Scale AI as Backup After Failed Perplexity Bid

Salman Akhtar

You Might Also Like

Meta
News

Facebook Messenger Passkey Login: iOS Android Security

Adobe Firefly Mobile Unleashes Professional AI Creativity Anywhere

MARCA
News

Android Instant Apps Shut Down: Why Google’s Big Bet Failed

Android 16
Blog

How Android 16’s Battery Health Assistance Keeps Your Phone in Top Shape

Social Networks

Facebook-f Twitter Instagram Pinterest Rss

Company

  • About Us
  • Our Team
  • Contact Us

Policies

  • Disclaimer
  • Privacy Policy
  • Cookies Policy
Latest
Meta’s Next Smart Glasses Feature Oakley Design and 3K Recording
TikTok’s Legal Limbo: Trump’s Third Extension Defies Supreme Court Ruling
Adobe’s Latest Camera App Brings Smart Photography to Your iPhone
Punch-Hole Camera, Under-Screen Face ID Still Expected With iPhone 18 Pro
Microsoft Password Deletion: Act Now Before August Deadline

© 2024 The Tech Basic INC. 700 – 2 Park Avenue New York, NY.

TTB White LOGO TB
Follow US
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?