Cybersecurity researchers from CyFirma have detected a fake Telegram app, dubbed “FireScam”, being distributed via fraudulent websites that mimic Russia’s app store, RuStore. Acting as a Telegram premium version, it steals victims’ login credentials and other sensitive data. The malware displays a fake Telegram login page, monitors user activity, notifications, clipboard data and more, then extracts the data to a third party server. Attribution to a known threat actor remains unknown.
Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence
