In a new wave of cyber threats, a sophisticated Android malware named FireScam has been discovered, posing as the popular Telegram messaging app to steal sensitive user data. First identified by cybersecurity researchers in late 2023, FireScam mimics the legitimate Telegram app’s design and functionality while covertly harvesting private information from infected devices.
How FireScam Operates

FireScam typically spreads through phishing attacks or fake app updates. Users may receive seemingly legitimate notifications or emails claiming to be from Telegram, urging them to download an “updated” version of the app. However, these links lead to the installation of FireScam malware instead.
“This malware employs advanced social engineering tactics to deceive users into installing the fake app,” said cybersecurity expert Dr. Maria Rodriguez. “Once installed, it gains access to a wide range of sensitive data, including login credentials, contact lists, and even device location.”
Data Harvesting and Risks
Upon installation, FireScam begins collecting extensive user data, such as:
- Login credentials for apps and services.
- Contact lists stored on the device.
- Device-specific information, including IMEI numbers and operating system versions.
- Location data for tracking user movements.
This data is sent to command-and-control servers and can be used for identity theft, financial fraud, or targeted advertising. The theft of IMEI numbers is particularly alarming, as these unique identifiers are increasingly exploited by cybercriminals, prompting some countries to enforce stricter IMEI registration systems.
FireScam is more than just a basic phishing tool. According to malware analyst Dr. John Lee, the malware can even intercept two-factor authentication (2FA) codes, heig htening the risks of SIM-swapping attacks. Such attacks caused an estimated $48 million in losses globally in 2023.
Telegram and Google Issue Warnings

Telegram has urged users to only download its app from official sources like the Google Play Store or Apple App Store to avoid malware infections. Google has also enhanced Android security measures, including improved biometric authentication, to combat threats like FireScam.
“Downloading apps from unofficial sources is a significant risk,” a Telegram spokesperson stated. “Always verify the source and permissions before installation.”
How to Stay Protected
To safeguard against malware like FireScam, experts recommend the following:
- Download apps exclusively from official app stores like Google Play or the Apple App Store.
- Verify app permissions to ensure they are necessary for the app’s functionality.
- Keep apps updated to patch security vulnerabilities.
- Use reliable antivirus software to detect and block threats.
Google Play also advises users to:
- Verify the developer name and read app reviews before downloading.
- Be cautious of apps requesting unnecessary permissions.
Pokdepinion: With mobile authentication evolving toward passkey-based systems, taking these precautions is critical to ensuring your digital safety.