Alert! Unauthorized Apps Could Be Monitoring Your Activity – Check If You Installed These 2 and Uninstall Immediately
Constantly on the lookout, hackers are determined to infiltrate your smartphone and pilfer valuable information or money. Their preferred method involves tricking users into downloading seemingly useful apps or counterfeit versions of popular ones. Alarmingly, these fraudulent apps can be found on major platforms like Google Play Store, Samsung Store, and App Store. Even these reputable stores struggle to detect these fake apps, as hackers are highly skilled at evading detection. Once downloaded, these deceptive apps unleash malware that infects users’ phones.
This puts your personal information at risk. In a recent revelation, cyber security firm ESET has revealed the sneaky tactics hackers use to infiltrate Android phones, compromising user data and chats. Fake apps pretending to be extensions or premium versions of the popular messaging platforms Signal and Telegram have been found in the app stores of Google and Samsung, posing a significant threat to users.
Remove Signal Plus Messenger and FlyGram now!
According to a report by Tom’s Guide, these malicious apps, known as “Signal Plus Messenger” and “FlyGram,” are designed to extract sensitive information from legitimate Signal and Telegram accounts, including call logs, text messages, and locations when users perform certain actions. Attackers are exploiting a feature that allows users to link their mobile apps to other devices, such as desktops or tablets, to secretly connect compromised devices to attackers’ Signal accounts, allowing them to spy on users without their knowledge.
While both Google and Samsung have taken swift action to remove these malicious apps from their respective app stores, thousands of downloads have already taken place. “Signal Plus Messenger” had been available on the Play Store since July 2022 and was downloaded about 100 times before it was removed in April thanks to a tip from ESET. Similarly, “FlyGram” saw 5,000 downloads after its Play Store release in June 2020, before being removed the following year.
What makes this discovery particularly alarming is the mysterious “auto-linking” feature that has gone largely unnoticed until now. The malicious apps were built using open-source code from Signal and Telegram, and the hackers deploy a spying tool known as “BadBazaar,” a Trojan used in previous attacks on Uyghurs and other Turkish ethnic minorities. ESET suspects that a Chinese hacking group called GREF is behind this campaign.
To protect your phone, you should follow these two steps as soon as possible:
Remove fake apps: If you have either Signal Plus Messenger or FlyGram installed on your Android device, remove them immediately.
Check Linked Devices regularly: Check your device settings regularly, especially the “Linked Devices” section to identify and remove unrecognized or unauthorized connections.
By following these precautions and remaining vigilant, you can minimize the risk of becoming a victim of these sophisticated cyber attacks. Ultimately, your digital security is in your hands.