A NEW strain of malicious Android software has been found masquerading as a ‘premium’ version of a popular messenger app.
The rogue ‘clone’ app, once downloaded, gives hackers a key into your device whereby they can read everything on your screen, including your text messages and bank card information.
The app advertises itself as ‘Telegram Premium’ to hide a malware form known as FireScam.
Telegram is a messenger app like WhatsApp and Signal.
But no such ‘premium’ version exists.
Cybersecurity researchers at Cyfirma discovered the app being distributed on phishing websites that mimic the RuStore – Russia’s version of the Google Play Store.
While it’s good news the app is not available to download on the official Play Store, it could leave Android owners who are open to sideloading at risk.
The ‘Telegram Premium’ malware requests permissions to monitor notifications on your device, as well as all SMS and phone calls the second it is downloaded.
As victims open the app, they are asked to input their Telegram login which allows hackers to steal their credentials for the messaging service.
Once hackers have free reign over the victim’s Telegram account, they transfer any stolen information to a separate database.
Here, hackers can trawl through all the information and filter it for valuable details, according to researchers.
The malware also keeps a close eye on any online transactions made via the Android device, which might allow hackers to capture a victims financial details.
Anything the user types can be observed and copied by the hacker.
What’s more, the malware can intercept data that is filled in automatically, such as passwords from password managers.
How to spot a dodgy app
Detecting a malicious app before you hit the ‘Download’ button is easy when you know the signs.
Follow this eight-point checklist when you’re downloading an app you’re unsure about:
- Check the reviews – be wary of both complaints and uniformly positive reviews by fake accounts.
- Look out for grammar mistakes – legitimate app developers won’t have typos or errors in their app descriptions.
- Check the number of downloads – avoid apps with only several thousand downloads, as it could be fake.
- Research the developer – do they have a good reputation? Or, are totally fake?
- Check the release date – a recent release date paired with a high number of downloads is usually bad news.
- Review the permission agreement – this agreement gives permission for the app to take bits of your data, and fake apps often ask for additional data that is not necessary.
- Check the update frequency – an app that is updated too frequently is usually indicative of security vulnerabilities.
- Check the icon – look closely, and don’t be deceived by distorted, lower-quality versions the icons from legitimate apps.
All of this information will available in both Apple’s App Store and the Google Play Store.