You Should Know@lemmy.worldEnglish · 3 days ago

YSK: Telegram APK from APKPure is a spyware

i.ibb.co

252

YSK: Telegram APK from APKPure is a spyware

i.ibb.co

beep@piefed.world to

You Should Know@lemmy.worldEnglish · 3 days ago

cross-posted from: https://piefed.world/c/tech/p/1146502/telegram-apk-from-apkpure-is-a-spyware

On analyzing the APK with jadx, it contains a class DataCollector, which does not exist in the .apk file downloaded from the official Telegram website.

This class collects a lot of your data, including:

Your photos, videos, and files

Your contacts

Your messages

Your GPS Coordinates

Your SIM card information

Your Telegram profile

This data is monitored and uploaded continuously. All the data is uploaded to a server with IP Address 38.190.225.166

💬 Initial discovery by Eric Parker

🔗 APK Analysis: Part 1 | Part 2.

Source on Telegram.

Chat

clb92@feddit.dk
link
fedilink
English
arrow-up
14·
3 days ago
I know that APKMirror supposedly verifies the APK files’ hashes against official sources, so APKs you get there should be fine, unless the developer was compromised at some point, or unless APKMirror itself is lying, but it is run by the people behind Android Police, as far as I know.

You Should Know@lemmy.world

youshouldknow@lemmy.world

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !youshouldknow@lemmy.world

YSK - for all the things that can make your life easier!

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)

Rule 1- All posts must begin with YSK.

All posts must begin with YSK. If you’re a Mastodon user, then include YSK after @youshouldknow. This is a community to share tips and tricks that will help you improve your life.

Rule 2- Your post body text must include the reason "Why" YSK:

**In your post’s text body, you must include the reason “Why” YSK: It’s helpful for readability, and informs readers about the importance of the content. **

Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.

Rule 4- No self promotion or upvote-farming of any kind.

That’s it.

Rule 5- No baiting or sealioning or promoting an agenda.

Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.

Rule 6- Regarding non-YSK posts.

Provided it is about the community itself, you may post non-YSK posts using the [META] tag on your post title.

Rule 7- You can't harass or disturb other members.

If you harass or discriminate against any individual member, you will be removed.

If you are a member, sympathizer or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people and you were provably vocal about your hate, then you will be banned on sight.

For further explanation, clarification and feedback about this rule, you may follow this link.

Rule 8- All comments should try to stay relevant to their parent content.

Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.

Rule 10- The majority of bots aren't allowed to participate here.

Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.

Rule 11- Posts must actually be true: Disiniformation, trolling, and being misleading will not be tolerated. Repeated or egregious attempts will earn you a ban. This also applies to filing reports: If you continually file false reports YOU WILL BE BANNED! We can see who reports what, and shenanigans will not be tolerated. We are not here to ban people who said something you don't like.

If you file a report, include what specific rule is being violated and how.

Partnered Communities:

You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.

Community Moderation

For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.

Credits

Our icon(masterpiece) was made by @clen15!

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

12 users / day
1.27K users / week
3.82K users / month
7.12K users / 6 months
1 local subscriber
46K subscribers
179 Posts
2.96K Comments
Modlog