This week, the ESET research team published their findings about an espionage campaign by the StrongPity APT group that spreads a fully functional, but trojanized version of the legitimate Telegram app for Android. The malicious app – which has various spying features, including recording phone calls and collecting SMS messages – is distributed via a copycat website that mimics Shagle, an adult video-chat service. Never heard about Shagle? Watch the video to learn more not just about the platform, but especially about the StrongPity attacks and its targets and tactics.
For a full technical write-up, head over here: StrongPity espionage campaign targeting Android users.