"StrongPity Hackers Distribute Trojanized Telegram App to Target Android Users"

StrongPity, also known as APT-C-41 and Promethium, is an Advanced Persistent Threat (APT) group that has been targeting Android users with a Trojanized version of the Telegram software via a fake website impersonating the Shagle video chat service. The app is a modified version of the open-source Telegram app that has been repackaged with the StrongPity backdoor. StrongPity is a cyberespionage group that has been active since at least 2012, with most of its operations targeting Syria and Turkey. Researchers revealed the existence of the group for the first time to the public in October 2016. Since then, the threat actor's efforts have grown to include other targets in Africa, Asia, Europe, and North America, with the intrusions employing watering hole attacks and phishing attacks to initiate the kill chain. One of the most prominent features of StrongPity is its use of fake websites that promise to offer a variety of software products in order to trick users into downloading infected versions of real apps. This article continues to discuss findings surrounding the StrongPity APT group. 

THN reports "StrongPity Hackers Distribute Trojanized Telegram App to Target Android Users"