ESET malware researchers have discovered an Android app masquerading as the Shagle app, a video chat platform. Shagle is a legitimate random video chat service that offers encrypted communication between strangers, but it has neither an Android app nor an iOS app.
ESET reports that upon unmasking the fake Shagle app, researchers found a “Trojan horse version of the Android Telegram app.”
Yes, that Android ‘Shagle’ app is fake
The real Shagle platform is entirely web-based, so if you see an app version of it, it's fake. The app works, but as mentioned above, under its guise it is just an infected version of the Telegram app.
This fake Shagle app is distributed through a fraudulent website masquerading as the official Shagle page. According to ESET researchers, “This fake site only offers an Android app to download, no web-based streaming.”
The trojanized Telegram app impersonating Shagle is equipped with backdoor code that can deploy the following spying capabilities on victims:
- Recording phone calls
- Collecting SMS messages
- Stealing the victim's call records
- Spying on the contact list
Additionally, malicious actors can see incoming notifications after victims grant the fake Shagle app access to certain services. They can also extract communications from 17 apps including Gmail, Messenger, Skype, Tinder, and more.
According to ESET, the malicious actor behind the fake Shagle app is StrongPity, a cyber-espionage group that has been active for 11 years. The existence of this group first became publicly known in 2016, thanks to a report from Kaspersky.
It's no surprise that a fake Shagle website was created to trick online users into downloading infected Android apps. After all, that is the group's modus operandi: StrongPity is known for using fake and misleading websites that give visitors the impression that they offer legitimate software tools, when in fact they offer infected versions of genuine apps for download.
There have been numerous reports of malicious apps slipping through cracks in Google Play and wreaking havoc on users' phones, but the fake Shagle app is not on any official Android store. This rogue app was found outside the official stores, packaged as an APK. The moral of the story is simple: download Android games, services, and other software products only from authorized stores.
Fortunately, according to ESET, the copycat Shagle website is no longer active.