Many alternative client Fake mods have emerged in widely used messaging platforms like Telegram, Signal, and WhatsApp. These modified applications offer users a range of features and functionalities that surpass those found in the official counterparts. These enhancements can include unique capabilities and customization options that cater to specific user preferences and needs. From enhanced privacy settings to innovative communication tools, these mods present an enticing prospect for those seeking a more tailored messaging experience. However, users must exercise caution, as the platforms do not officially endorse these modifications and may carry certain risks. It’s imperative to weigh the benefits against potential vulnerabilities before opting for these alternative clients.
Table of Contents
The Proliferation of Telegram Mods
While WhatsApp disapproves of mods — periodically banning them from official app stores, not only has Telegram never waged war on alternative clients, it actively encourages their creation, so Telegram mods are popping up like mushrooms. But are they safe?
The Trojan Threat
Several recent studies show that messenger mods should be handled with great caution. Although most users still unquestioningly trust any app that’s been verified and published on Google Play, we’ve repeatedly highlighted the dangers: when downloading an app on Google Play, you could also pick up a Trojan (that one had more than 100 million downloads!), a backdoor, a malicious subscriber, and loads of other muck.
Unmasking the Infected Apps
We’ll start with a recent story. Kaspersky experts discovered several infected apps on Google Play under the guise of Uyghur, Simplified Chinese, and Traditional Chinese versions of Telegram. The app descriptions are written in the respective languages and contain images very similar to those on the official Telegram page on Google Play.
To persuade users to download these mods instead of the official app, the developer claims that they work faster than other clients thanks to a distributed network of data centers worldwide.
The Inside Story
At first glance, these apps appear to be full-fledged Telegram clones with a localized interface. Everything looks and works almost the same as the real thing.
The Hidden Spyware
We took a peep inside the code and found the apps to be little more than slightly modified versions of the official ones. That said, there is a slight difference that escaped the attention of the Google Play moderators: the infected versions house an additional module. It constantly monitors what’s happening in the messenger. It sends masses of data to the spyware creators’ command-and-control server: all contacts sent and received messages with attached files, names of chats/channels, name and phone number of the account owner — the user’s entire correspondence. Even if a user changes their name or phone number, this information gets sent to the attackers.
How do the fake versions of the Telegram app work?
These apps entice unsuspecting victims by presenting themselves as faster versions of the Telegram app, closely mimicking its interface and functionalities. Additionally, with over 60,000 installations, it is evident that this campaign has successfully attracted a substantial number of potential victims.
In response to these reports, Google thankfully removed these apps from the Play Store and stated, “We take security and privacy claims against apps seriously, and if we find that an app has violated our policies, we take appropriate action. Users are also protected by Google Play Protect, which can warn users or block apps known to exhibit malicious behavior on Android devices with Google Play Services.”
In light of these incidents, here are a few tips on how to protect yourself from infected versions of popular messengers, as well as other threats targeting Android users:
- As we’ve seen, even Google Play isn’t immune to malware. That said, official stores are still far safer than other sources. So, always use them to download and install apps.
- As this post has clarified, alternative clients for popular messengers should be treated cautiously. Open source lets anyone create mods — and fill them with nasty surprises.
- Before installing even the most official app from the most official store, look closely at its page and ensure that it’s real — pay attention to the name and the developer. Cybercriminals often try to fool users by making clones of apps with descriptions similar to the original.
- It’s a good idea to read negative user reviews — if there’s a problem with an app, most likely, someone will have already spotted and written about it.
- And be sure to install reliable protection on all your Android devices, which will warn you if malware tries to sneak in.
What is a Telegram mod?
A Telegram mod is a modified version of the official Telegram app that offers additional features and capabilities not available in the original version.
How can I distinguish between a fake Telegram mod and the official app?
Pay close attention to the app’s description, developer details, and user reviews. Official apps from reputable developers are generally safer. Avoid downloading apps from unofficial sources.
Are all alternative clients for popular messengers risky?
While not all alternative clients are risky, it’s essential to exercise caution. Open-source platforms can be manipulated, potentially introducing malicious elements into these modified versions.
What steps can I take to protect my Android device from malware?
Stick to official app stores like Google Play for downloads. Read app descriptions carefully and verify the developer’s credentials. Additionally, consider using reliable security software to detect and prevent malware.
How does Google Play Protect safeguard users from malicious apps?
Google Play Protect is a security feature that scans apps for potential threats. If a malicious behavior is detected, it can warn or block the app on Android devices with Google Play Services.
In the ever-evolving digital communication landscape, the availability of alternative clients for popular messaging apps like Telegram is both a boon and a potential hazard. While some mods offer intriguing features, they come with significant risks. Recent studies have shed light on malicious elements within these modified apps, highlighting the importance of caution.
Infected Telegram mods on Google Play remind us trusted platforms aren’t entirely immune to threats. Users must remain vigilant and adopt protective measures. Stick to official app stores, scrutinize app details, and consider user feedback. Investing in robust security software adds an extra defense against potential malware. Safeguarding your digital presence is a shared responsibility between users and platform providers. We can navigate the digital realm with greater confidence and security by staying informed and taking proactive steps.
Selva Ganesh is the Chief Editor of this Blog. He is a Computer Science Engineer, An experienced Android Developer, Professional Blogger with 8+ years in the field. He completed courses about Google News Initiative. He runs Android Infotech which offers Problem Solving Articles around the globe.