Martin
"A fake version of the private messaging app Signal has found a way onto Google Play and appears to be linked to a Chinese spy operation, researchers claimed on Wednesday." https://www.forbes.com/sites/thomasbrewster/2023/08/30/malicious-signal-app-planted-on-google-play-by-china-linked-cyber-spies/
A Fake Signal App Was Planted On Google Play By China-Linked Hackers

Hackers who previously targeted Uyghurs evaded Google Play security checks to push a fake Signal app for Android. It uses a never previously-documented method to spy on the encrypted comms tool.

Forbes
Aug 30, 2023 at 7:54pmWeb
Show threadMark McClellandAug 30, 2023
@mshelton On the bright side, at least they're transparent about their desire to "deconstruct the administrative state". And really... what good would an effective administrative state be in orchestrating a desperately needed response to a global crisis? We all KNOW government just gets in the way.
๐Ÿ˜ฐ
Show threadLostNetizenAug 30, 2023
@mshelton โ€œSamsung has not yet taken any action, despite being notified back in May.โ€ โ€” WTF?!
Show threadwakest likes your bugs โ‚Aug 30, 2023

@LostNetizen @mshelton looks like this is still there https://galaxystore.samsung.com/detail/org.thoughtcrime.securesmsplus?langCd=en

I wonder if this is the same they are referring to

Signal Plus Messenger - Apps on Galaxy Store

Signal Plus is a modified instantaneous communication App of the original Signal with additional features that includes the privacy and security features,customazation,proxy and more. Proxy You ca...

Show threadCassidy James   Aug 31, 2023
@liaizon @LostNetizen @mshelton huh, maybe down now?
Show threadwakest likes your bugs โ‚Aug 31, 2023
@cassidy @LostNetizen @mshelton thats interesting it was taken down sometime between when I posted and when you posted...
Show threadTodd WalkerAug 30, 2023
@mshelton @kissane โ€œfound its wayโ€? Like, >>poof<< it just appeared? And no one at Google knows how? ๐Ÿค”
Show threadLight๐Ÿงโ‚Aug 30, 2023
@mshelton
They gived a different name to the app "Signal Plus Messenger", but why? In this way is less deceptive, it has a different name than the legit one and the fake Telegram app too is called "Flygram". Like they intentionally wanted to be sus. ๐Ÿค”๏ธ
Show threadJasper ๐Ÿ‰Aug 30, 2023

@mshelton this is why you look really close at the name and username. Also if it is installed, you must see the button is "update".

Tho like the appstore should probably notice it\'s a lookalike too...

Show threadalberta is a hoaxAug 30, 2023
@mshelton Yet it's still more secure than Telegram!
Show threadH4Heights ๐Ÿ‡ช๐Ÿ‡บ๐Ÿ‡ต๐Ÿ‡ธ๐Ÿ‡บ๐Ÿ‡ฆ๐Ÿ‡จ๐Ÿ‡ฆAug 31, 2023
@mshelton Should have bought an iPhone
Show thread็“ฎ็พŠAug 31, 2023
@mshelton holy..
Show threadwakest likes your bugs โ‚Aug 31, 2023
@mshelton this whole story is sus, neither of those are "fake" signal or telegram apps, and they dont pretend to be.
Show threadwakest likes your bugs โ‚Aug 31, 2023
@mshelton looking at the original report instead of the forbes article is a bit better, but still the whole thing sorta seems manufactured https://www.welivesecurity.com/en/eset-research/badbazaar-espionage-tool-targets-android-users-trojanized-signal-telegram-apps/
BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps

ESET research uncovers active campaigns linked to the China-aligned APT group known as GREF that distributing espionage code previously targeting Uyghurs.

Show threadFirnin Aug 31, 2023
@mshelton Does anyone know how something like this could/can happen? I always was under the impression that the security measurements of the big App Stores should be preventing such things from happening