A new Android backdoor named Android.Backdoor.Baohuo.1.origin is rapidly infecting devices through fake versions of Telegram X, giving attackers full control over user accounts. The malware, which uses a Redis database for command and control, has impacted over 58,000 devices worldwide, mainly in India, Brazil, and Indonesia. #Android.Backdoor.Baohuo #TelegramMalware
Key points
- Baohuo malware spreads via fake Telegram X apps available on third-party app stores and ads.
- It uses the Xposed framework to manipulate app behavior and hide malicious activity.
- Once installed, Baohuo takes control of Telegram accounts and can delete or hide chats and notifications.
- The malware uniquely uses a Redis database for command and control, enhancing its resilience.
- Users are advised to download Telegram only from official sources to avoid infection.
Read More: https://hackread.com/baohuo-android-malware-telegram-x-hijacks-accounts/