Recently, digital security company ESET detected a sophisticated cyber attack by the advanced persistent threat (APT) group StrongPity. The attack targeted Android users with a fake website impersonating an adult video chat service called Shagle and a trojanized version of the Telegram app.

The StrongPity attack distributes a modified version of the open-source Telegram application that contains a backdoor code. The backdoor software has a range of spying features that can collect SMS messages, phone calls, call logs, contact lists, and more. It is also capable of infiltrating conversations from messaging apps such as Viber, Skype, Gmail, Messenger, and Tinder, provided the user grants the application notification and accessibility permissions. The malicious version of the Telegram app is not available on the Google Play Store and must be downloaded from the fake website impersonating Shagle. The package name of the malicious version of the application is identical to the legitimate one, meaning that it cannot be installed on the same device as the real app.

The fake website also offers only an Android app without a web-based streaming service. This suggests that the attack is either targeting users who have the official Telegram app installed on their devices or users in countries where Telegram usage is rare. Lukáš Štefanko, a researcher who analyzed the Trojan-containing Telegram application, stated that the malware found on the fake website is no longer active. However, the backdoor code used by the StrongPity group could be updated at any time.

Cyber-attacks can take many forms, from malicious software to phishing scams. The most common type of attack is the installation of malware that can steal personal information, record conversations, and even take control of a user’s computer. Hackers also may use social engineering tactics to gain access to user accounts and passwords.

In addition, adult video chat services are often targeted by scammers who use fake profiles and false promises to lure users into giving up personal information or money. It is important to be aware of the danger of these scams and to be cautious when engaging in online conversations.

Another risk associated with adult video chat is the potential for inappropriate content or behavior. It is important to be aware that not all users are who they claim to be, and to be cautious of any individuals who make inappropriate requests or behave inappropriately.

Finally, it is important to remember that cyber-attacks can be costly, both in terms of the financial losses associated with them and the potential harm to one’s reputation.

Conclusion

ESET warns users to be vigilant of the StrongPity attack due to its improved backdoor spying features. The malicious application can infiltrate conversations in messaging apps like Viber, Skype, Gmail, Messenger, and Tinder if the victim gives a notification and accessibility confirmation to the malicious StrongPity app. Therefore, it is essential for users to be aware of the potential dangers posed by such malicious attacks and to take the necessary steps to protect their devices.