Telegram Hijacked With Android Malware for Full Control

Cybercriminals are distributing a sophisticated Android backdoor, identified as Android.Backdoor.Baohuo.1.origin, through tampered versions of the Telegram X messenger. This malware, which has effectively left Telegram hijacked with Android malware, provides attackers with full control over user accounts while remaining hidden from victims. It spreads mainly via fake dating and communication apps promoted through deceptive ads and third-party app stores.

The malware has infected over 58,000 devices across 3,000 models, targeting users in Brazil and Indonesia. Victims are lured to fraudulent app catalogs containing malicious APK files that closely mimic Telegram X. Telegram hijacked with Android malware becomes a tool for spying, stealing login credentials, and manipulating chats. The malware uses Redis databases for command control—an unusual move for Android-based threats.

Researchers found that it transmits stolen data every three minutes, while disguising malicious actions within seemingly normal app activity.

Read the full report here:

Hackers Weaponizing Telegram Messenger with Dangerous Android Malware to Gain Full System Control