But people always want more from their apps.

What Are App Mods?

App mods are not an inherently sinister idea.

Screenshot of a Telegram mod in Google Play

Image Credit:Kaspersky

Software is usually modified by tech enthusiasts, third-party developers, and fans.

Some software companies dislike the concept and do their best to crack down on modded versions of their products.

How Does Spyware in Telegram and Signal Clones Work?

telegram app info option

Fake Telegram mods appeared on Google Play as Traditional Chinese, Uyghur, and Simplified Chinese app versions.

The mod was advertised as a faster, lighter version of Telegram.

All this information was sent to the threat actor as people used the app.

telegram app permissions on android

With Signal, the threat actor had a slightly different approach.

They designed a mod called Signal Plus Messenger and created a fake website to seem more legitimate.

Why Do These Telegram and Signal Apps Include Spyware?

telegram settings options

Why are they distributing these malicious mods?

According to the ESET report, one of the main reasons is to spy on ethnic minorities in China.

Granted, there are other scammers distributing spyware-ridden mods, most financially-motivated.

Don’t these stores have moderators whose job is to identify malicious code?

This means they initially create perfectly legitimate mods and then later inject malware via an update.

Even if they don’t, other fake mods will take their place.

Research the Developer

Prior to downloading a modded app, do some research about the people behind it.

Are their activities endorsed by the original developer?

With that said, there are a few reputable sites forsafe APK downloads.

However, a malicious modded app might.

There are severalfree antivirus apps for Androidthat will get the job done.

Signal and Telegram are miles ahead of other messaging apps regarding security and privacy.

For the average person, they’re good enough as they are.