Skip to content

January 11, 2018

Telegram targeted by fake apps that serve malware and ads

by John_A

Make sure you check an app’s name before you download it: Telegram, for instance, had an evil twin on Google Play named “Teligram.” According to Symantec, which discovered its existence, its profile and description on the store mirrored the authentic app’s, with the only difference being the slightly altered logo. It was also branded as “New version updated” in an effort to fool users into thinking it’s the new version of Telegram. And it probably could’ve fooled people, too, since it actually works as a messaging platform.

Teligram (with the “i”) served ads within the chat list and also showed full-screen advertisements. While it didn’t seem to have malicious content, it’s still good to know that Google Play has already pulled it down. Symantec has discovered another fake Telegram app that can install malware into your system, though. That one was built using the real app’s open source code and is being distributed on third-party platforms with the same package name (org.telegram.messenger). Once you install it, a hacker can add a backdoor or an ad clicker to your system. Thankfully, it’s easy to avoid it: simply don’t install apps from sketchy websites.

Apps on Google Play like Teligram are more deceptive, and it’s definitely not the first time Symantec has spotted an impostor on the official store. Just a while ago, the security firm also found a phony Uber app that can steal your log-in credentials. It even deep links to a URL in the real application to look legit.

Advertisements
Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: