New FireScam Infostealer Spyware Hits Android via Fake Telegram Premium

Threat Actors: Cybercriminals exploiting user trust in legitimate app names like Telegram to distribute malware.

Campaign Overview: FireScam disguises itself as a “Telegram Premium” app to steal sensitive data and monitor device activities.

Target Regions (Or Victims): Android users, especially those in the Russian Federation.

Methodology:
• Phishing websites mimicking trusted app stores.
• Social engineering to steal user data.
• Malware disguised as Telegram Premium app.

Product Targeted: Android devices, targeting messaging apps, financial apps, and sensitive user data.

Malware Reference: FireScam, an infostealer spyware targeting Android users.

Tools Used:
• Phishing websites (GitHub.io-hosted).
• Firebase Realtime Database for exfiltrating data.
• Firebase Cloud Messaging for remote control.

Vulnerabilities Exploited:
• User trust in legitimate app names.
• Weak security measures on Android devices.

TTPs:
• Social engineering tactics.
• Evasion techniques like obfuscation and sandbox detection.
• Continuous monitoring of device activity and exfiltration of sensitive data.

Attribution: No specific attribution, but exploits user trust and well-known app names.

Recommendations:
• Use antivirus software.
• Regularly update software and apps.
• Monitor app behavior and device activity for unusual actions.

Source: Hackread

Read full article: https://hackread.com/firescam-infostealer-spyware-android-fake-telegram-premium/

The above summary has been generated by an AI language model


Source: Hackread

Published on: January 5, 2025
