CYBER 101

  • Alerts
  • Blog
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Domains
  • FAQ
  • Incidents
  • Tutorials

Subscribe to our newsletter

FOLLOW US

No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
  • Jobs
  • Vendors
Get Help
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
  • Jobs
  • Vendors
Get Help
CyberMaterial
Home Alerts

StrongPity hackers target Android users via trojanized Telegram app

January 10, 2023
Reading Time: 2 mins read
in Alerts

The StrongPity APT hacking group is distributing a fake Shagle chat app that is a trojanized version of the Telegram for Android app with an added backdoor.

Shagle is a legitimate random-video-chat platform allowing strangers to talk via an encrypted communications channel. However, the platform is entirely web-based, not offering a mobile app.

StrongPity has been found using a fake website since 2021 that impersonates the actual Shagle site to trick victims into downloading a malicious Android.

Once installed, this app enables the hackers to conduct espionage on the targeted victims, including monitoring phone calls, collecting SMS texts, and grabbing contact lists.

StrongPity, also known as Promethium or APT-C-41, was previously attributed to a campaign that distributed trojanized Notepad++ installers and malicious versions of WinRAR and TrueCrypt to infect targets with malware.

The latest StrongPity activity was discovered by ESET researchers who attributed the campaign to the espionage APT group based on code similarities with past payloads.

Additionally, the Android app is signed with the same certificate the APT used to sign an app that mimicked the Syrian e-gov Android application in a 2021 campaign.

 

READ FULL ARTICLE

Tags: Advanced Persistent ThreatsAlertsAlerts 2023Android appsAppsAPT-C-41BackdoorBogus appsJanuary 2023PromethiumShagleStrongPity APTTelegram
0
VIEWS
ADVERTISEMENT

Related Posts

Over 1,800 Android phishing forms for sale on cybercrime market

Over 1,800 Android phishing forms for sale on cybercrime market

February 2, 2023
Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

February 2, 2023
North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign

North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign

February 2, 2023
White House Mulls Banning Huawei’s Access to US Technology

White House Mulls Banning Huawei’s Access to US Technology

February 2, 2023

More Articles

Book

E-Commerce – Understanding Business Models, Payment and Security Systems

December 20, 2020
Alerts

[Control Systems] Emerson Security Advisory

October 5, 2021
Course

California Consumer Protection Act (CCPA)

March 21, 2022
Alerts

MaliBot: A New Android Banking Trojan Spotted in the Wild

June 16, 2022

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
  • Report Cyber Incident
  • GET HELP

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.