Business
Modified Telegram app with malware that puts your data at risk found
New Delhi, June 30
Cyber-security researchers on Friday revealed a modified version of the popular messaging app Telegram on Android that is found to be malicious and can steal your data.
The malware within the malicious app can sign up the victim for various paid subscriptions, perform in-app purchases and steal login credentials, according to the mobile research team at cyber-security firm Check Point.
The malicious app was detected and blocked by Harmony Mobile. Though innocent looking, this modified version is embedded with malicious code linked to the Trojan Triada.
"This Triada trojan, which was first spotted in 2016, is a modular backdoor for Android which grants admin privileges to download other malware," the report said.
Modified versions of mobile applications might offer extra features and customisations, reduced prices, or be available in a wider range of countries compared to their original application.
Their offer might be appealing enough to tempt naive users to install them through unofficial external applications stores.
"The risk of installing modified versions comes from the fact that it is impossible for the user to know what changes were actually made to the application code. To be more precise - it is unknown what code was added and whether it has any malicious intent," the team noted.
The malware disguises itself as Telegram Messenger version 9.2.1.
It has the identical package name (org.telegram.messenger) and the same icon as the original Telegram application.
Upon launch, the user is presented with the Telegram authentication screen, is asked to enter the device phone number, and to grant the application phone permissions.
"This flow feels like the actual authentication process of the original Telegram Messenger application. The user has no reason to suspect that anything out of the ordinary is happening on the device," said the researchers.
The malware gathers device information, sets up a communication channel, downloads a configuration file, and awaits to receive the payload from the remote server.
Its malicious abilities include signing up the user for various paid subscriptions, performing in-app purchases using the user’s SMS and phone number, displaying advertisements (including invisible ads running in the background), and stealing login credentials and other user and device information.
"Always download your apps from trusted sources, whether it is official websites or official app stores and repositories. Verify who the author and creator of the app is before downloading. You can read comments and reactions of previous users prior to downloading," said the team.
5 hours ago
Malabar Gold & Diamonds Proudly Represents India’s Global Business Vision at PM Modi’s ‘Kia Ora Modi’ event in Auckland, New Zealand
5 hours ago
Didi Krishna’s Message to Physicians at AAPI Convention 2026: A Sacred Blueprint for Physicians as Healers
5 hours ago
Deeply disappointed: 'Melbourne Meets Modi' organisers on 'paid crowd' claims of Rahul, Kharge; seek apology
6 hours ago
‘This is just the beginning’: Tendulkar hails landmark Lord’s Test as defining moment for women’s cricket
6 hours ago
Successive reports on presence of foreign operatives in and around India raises serious concern
10 hours ago
India strongly condemns the attack on vessels transiting Strait of Hormuz
11 hours ago
Devi Sri Prasad on S Janaki amma: Words cannot justify the greatness of this legend!
11 hours ago
Boney Kapoor on daughter Anshula's wedding: ‘It's a memory i'll carry forever’
12 hours ago
Mugdha Godse opens up about her small contribution to Marathi film 'Frame'
12 hours ago
S Janaki's granddaughter Apsara Vydyula: Don’t measure my love for my grandmother by the tears you do or do not see!
12 hours ago
Actress Bhavana clarifies that she does not have a Facebook account!
12 hours ago
Ajay Devgn looks back at 20 years of ‘Golmaal’, calls the journey full of unlimited fun
12 hours ago
Krystle D’Souza calls Awakenings 2026 a core memory, says she’s ‘ruined for every other festival now’
