In the latest developments, it was reported that threat actors brought in a fake Signal App on Google Play. These hackers are reportedly China-linked. Cybersecurity researchers at ESET dubbed these threat actors as GREF, and reportedly released a version of this fake Signal App, even on the Samsung Galaxy Store. The name of this app is Signal Plus Messenger.
ESET researcher Lukas Stefanko expressed that the purpose of these fake apps is to spy on the communications of the real app. Real Signal app allows users to link their mobile app to their desktop or Apple iPad. The fake Signal apps devised a way to automatically connect the compromised device to the attacker’s signal. In this way, they had access to whatever communication happening on the app.
In context to this incident, reports by Proton Privacy stated that Google and Apple charge app developers up to 30 % of their earnings, just to vet for security risks.
#Google and #Apple charge app developers 30% of their earnings to allegedly vet for security risks.
And yet, a fake @Signal app has found its way into the @GooglePlay app store.
Big Tech monopolies don't lead to better security. They stifle innovation and kill competition. https://t.co/qv5ODW8Doa
— Proton (@ProtonPrivacy) September 6, 2023
Proton Privacy took to social media platform X and expressed dissatisfaction regarding the same. It expressed concerns that despite Google and Apple charging such a considerable amount to cross-check security risks, a fake Signal app found its way to the Google Play Store.
Proton Privacy further expressed that big tech monopolies only stifle innovation and kill competition, instead of enabling better security.
