Hackers steal Signal, WhatsApp user data with fake Android chat app
bleepingcomputer.com
Hackers are using a fake Android app named 'SafeChat' to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones.
The Android spyware is suspected to be a variant of "Coverlm," which steals data from communication apps such as Telegram, Signal, WhatsApp, Viber, and Facebook Messenger.
You are viewing a single comment
I have a hard time seeing how this app gets my Signal info, SMS is no longer supported in Signal.
I suspect fear mongering as it likely DOES take screenshots and since it has the device infected, it grabs the time/position and other intelligence it can grab. I don’t believe for a second they actually hacked the Signal app itself.
Yeah that claim seems fairly unsubstantiated by the rest of the article. It’s probably bullshit.
Wait it isn't? Are you telling me all the SMS I have received were sent into the pitch black abyss?
https://support.signal.org/hc/en-us/articles/360007321171-Can-I-send-SMS-MMS-with-Signal-#:~:text=SMS%20is%20not%20secure%20or%20private%2C%20and%20that,anyone%20snooping%20on%20your%20traffic%20could%20read%20them.
SMS was supported back when I was on android, roughly a year ago, since it handled all of my texting (signal or standard) but it was already broken up in iOS at that point, and they were dropping support for SMS on android (announced October 2022).
I lost SMS support this spring, Signal posted about this in October 2022. I'm on Android and PC.
You install the app, by doing so you give the app permisions.
There is no system permission I'm aware of that will give other applications access to Signal which is an app made to be secure with at least a PIN code for accessing it.