Security News > 2023 > January > Hackers target Android users with fake Shagle video-chat app
The StrongPity APT hacking group is distributing a fake Shagle chat app that is a trojanized version of the Telegram for Android app with an added backdoor.
Once installed, this app enables the hackers to conduct espionage on the targeted victims, including monitoring phone calls, collecting SMS texts, and grabbing contact lists.
The Android app is signed with the same certificate the APT used to sign an app that mimicked the Syrian e-gov Android application in a 2021 campaign.
The malicious Android application distributed by StrongPity is an APK file named "Video.apk," the standard Telegram v7.5.0 app modified to impersonate a Shagle mobile app.
One drawback of using Telegram as the basis for the hacking group's fake app is that if the victim already has the real Telegram app installed on their phones, the backdoored version won't be installed.
Roid users should be cautious with APKs sourced outside Google Play and pay attention to permission requests while installing new apps.