Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store

ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the China-aligned APT group GREF. Most likely active since July 2020 and since July 2022, respectively for each malicious app, the campaigns have distributed the Android BadBazaar espionage code through the Google Play store, Samsung Galaxy Store, and dedicated websites posing as legitimate encrypted chat applications — the malicious apps are … More →

The post …

android android users app apps apt campaigns china cybercrime cybercriminals cyber espionage cybersecurity data distributed don't miss eset found galaxy galaxy store google google play july july 2022 malicious malicious app malware play researchers samsung samsung galaxy samsung galaxy store signal smartphones software store targeting telegram threat threat actors tools