Data at risk, "Alert "Telegram users (Wikimedia Commons) 
Science & Tech

Modified Telegram app with malware that puts your data at risk found

Cyber-security researchers on Friday revealed a modified version of the popular messaging app Telegram on Android that is found to be malicious and can steal your data.

NewsGram Desk

Cyber-security researchers on Friday revealed a modified version of the popular messaging app Telegram on Android that is found to be malicious and can steal your data.

The malware within the malicious app can sign up the victim for various paid subscriptions, perform in-app purchases, and steal login credentials, according to the mobile research team at cyber-security firm Check Point.

The malicious app was detected and blocked by Harmony Mobile. Though innocent looking, this modified version is embedded with malicious code linked to the Trojan Triada.

"This Triada trojan, which was first spotted in 2016, is a modular backdoor for Android which grants admin privileges to download other malware," the report said.

Modified versions of mobile applications might offer extra features and customizations, reduced prices, or be available in a wider range of countries compared to their original application.

Their offer might be appealing enough to tempt naive users to install them through unofficial external application stores.

"The risk of installing modified versions comes from the fact that the user can't know what changes were made to the application code. To be more precise - it is unknown what code was added and whether it has any malicious intent," the team noted.

The malware disguises itself as Telegram Messenger version 9.2.1.

It has an identical package name (org.telegram.messenger) and the same icon as the original Telegram application.

Upon launch, the user is presented with the Telegram authentication screen, is asked to enter the device phone number, and grant the application phone permissions.

"This flow feels like the actual authentication process of the original Telegram Messenger application. The user has no reason to suspect that anything out of the ordinary is happening on the device," said the researchers.

The malware gathers device information, sets up a communication channel, downloads a configuration file, and awaits to receive the payload from the remote server.

Its malicious abilities include signing up the user for various paid subscriptions, performing in-app purchases using the user’s SMS and phone number, displaying advertisements (including invisible ads running in the background), and stealing login credentials and other user and device information.

"Always download your apps from trusted sources, whether it is official websites or official app stores and repositories. Verify who the author and creator of the app is before downloading. You can read comments and reactions of previous users before downloading," said the team.(IANS/AB)

Suicide bombing kills 12 Pakistan soldiers

Dark energy pushing our universe apart may not be what it seems, scientists say

Climate change boosted hurricane wind strength by 29 kph since 2019, study says

Can Bayern Munich win a seventh Champions League?

AI Speaks Volumes When It Comes to Detecting Parkinson's Disease