289

Before linking an account, be sure the app you're using is legit.

you are viewing a single comment's thread
view the rest of the comments
[-] autotldr@lemmings.world 7 points 1 year ago

This is the best summary I could come up with:


Researchers on Wednesday said they found fake apps in Google Play that masqueraded as legitimate ones for the Signal and Telegram messaging platforms.

The malicious apps could pull messages or other sensitive information from legitimate accounts when users took certain actions.

Doing so caused the malicious app to send a host of private information to the attacker, including the device IMEI number, phone number, MAC address, operator details, location data, Wi-Fi information, emails for Google accounts, contact list, and a PIN used to transfer texts in the event one was set up by the user.

The following screenshot shows the information in transit from the infected device to the attacker server:

BadBazaar, the malware responsible for the spying, bypasses the usual QR code scan and user click process by receiving the necessary URI from its C&C server, and directly triggering the necessary action when the Link device button is clicked.

In this case, if the official Signal clients were to display a notification whenever a new device is linked to the account, the fake version could simply disable that code path to bypass the warning and hide any maliciously linked devices.


The original article contains 780 words, the summary contains 191 words. Saved 76%. I'm a bot and I'm open source!

this post was submitted on 30 Aug 2023
289 points (98.3% liked)

Technology

59080 readers
3263 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS