Picture this: You're using a messaging app like Signal to chat with your friends and family. You download what you believe is the official Signal app from the app store, but little do you know, it is actually a counterfeit version created by hackers!

This fake app mimics the real one, so you won't suspect a thing…

The last thing we want to worry about is whether the apps we're downloading could be secretly spying on us. However, a recent investigation by researcher Lukas Stefanko at ESET, a Slovakian cybersecurity company, has unveiled a disturbing reality: A sophisticated espionage scheme orchestrated by a China-aligned APT (Advanced Persistent Threat) group known as “GREF”.

This group has been deploying a devious piece of malware named “BadBazaar” that targets Android users through fake versions of popular messaging apps, including Signal and Telegram. These malicious versions, named “Signal Plus Messenger” and “FlyGram,” were cunningly designed to resemble the legitimate apps so close…