Friday, 10 Jan 2025

This fake app clone will steal everything you type on your Android

Security researchers have found a fake app pretending to be a version of the messaging app Telegram, and hackers are using the app to spread malware.


This fake app clone will steal everything you type on your Android
1.9 k views

Fake apps are a big problem, and their clever social engineering tricks make them hard to catch. 

Since it tracks your keyboard, it also gets all your passwords, which could give hackers access to sensitive data.

Hackers are spreading FireScam by pretending it's a premium version of Telegram. They've created a fake website on GitHub that looks like RuStore (a real app store in Russia). When people visit this fake site, they're tricked into downloading an app that looks like "Telegram Premium." However, this app is actually a trap. Once installed, it downloads the FireScam malware onto your device and starts stealing your personal data.

To avoid detection, the app is heavily disguised using a tool called DexGuard. It asks for permissions to access your storage, check installed apps and install more software. When you open the app, it shows a fake login page that looks like Telegram's. If you enter your details, it steals your credentials.

The malware also monitors device state changes, such as when the screen turns on or off, and tracks e-commerce transactions to capture financial details. Plus, it spies on messaging apps to steal conversations and monitors screen activity, uploading key events to its server for further exploitation.

1. Download apps only from official stores: Always use trusted app stores like Google Play or the Apple App Store to download apps. These platforms have security measures to detect and remove fake or harmful apps. Avoid downloading apps from random websites, pop-up ads or unofficial third-party stores as these are common sources of fake apps.

2. Verify the app's developer: Before installing an app, check who created it. Look at the developer's name and ensure it matches the official company behind the app. Fake apps often copy the names of popular apps but use slightly altered spellings or extra characters. For example, a fake might be called "PayPaal" instead of "PayPal."

3. Pay attention to reviews and ratings: Reviews and ratings can give you insight into an app's authenticity. If an app has mostly negative reviews, very few downloads or generic comments like "Great app," it could be fake. Genuine apps typically have a large number of detailed reviews over time. Be cautious of apps with five-star ratings but no specific feedback.

4. Be cautious of app permissions: Check the permissions the app requests before installing. A flashlight app, for example, shouldn't need access to your contacts or messages. If an app is asking for permissions that don't align with its purpose, it could be a red flag. Always deny permissions that seem excessive or unnecessary.

The FireScam malware is a powerful tool that can steal everything on your phone, and it's tough to detect if you're not careful. Such apps can't be distributed through legitimate app stores like the Play Store or the App Store, so they rely on third-party stores and fake websites to spread. To stay safe, the best approach is to stick to verified app stores and avoid downloading from untrustworthy sources.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

you may also like

'Opposite of a seat squatter': Flight passenger shares unexpected encounter with fellow traveler
  • by foxnews
  • descember 09, 2016
'Opposite of a seat squatter': Flight passenger shares unexpected encounter with fellow traveler

A social media user is sharing her in-flight encounter with a passenger who was an "opposite" tale from the viral "seat squatter" stories. An etiquette expert weighs in.

read more