An Android app clone will steal all your typed data.

Discover ways to protect yourself from fake apps that appear to be legitimate.

An Android app clone will steal all your typed data.
An Android app clone will steal all your typed data.

The prevalence of fake apps is a major issue, and their sophisticated social engineering tactics make them difficult to detect.

Another fake app has been discovered by security researchers that pretends to be the premium version of Telegram, a popular messaging app with over a billion downloads. This app, called FireScam, is being used by hackers to spread malware that can steal everything you type on your Android phone and other personal information.

Your keyboard tracks your passwords, which could give hackers access to sensitive data.

android
Android phone (Kurt "CyberGuy" Knutsson)

What you need to know about FireScam

Cyfirma's threat management report states that FireScam is a type of malware that steals personal information from Android devices. This malware functions like spyware, monitoring your Android phone's activities, including notifications, messages, and clipboard content.

FireScam is being spread by hackers who are pretending it's a premium version of Telegram. They've created a fake website on GitHub that resembles RuStore, a legitimate app store in Russia. When users visit this fake site, they are tricked into downloading an app that looks like "Telegram Premium." However, this app is actually a trap that downloads FireScam malware onto your device and steals your personal data.

The app, disguised using DexGuard, requests permissions to access your storage, check installed apps, and install additional software. Upon opening the app, it displays a fake login page resembling Telegram's, and if you enter your details, it steals your credentials.

Hackers initially store the stolen data in a Firebase Realtime Database, but later transfer it to private servers. Additionally, the malware assigns a unique ID to each compromised device, allowing hackers to monitor their victims.

Man on phone
A man using his phone (Cyfirma)

FireScam can steal almost everything on your phone

Cyfirma's analysis reveals that the FireScam malware is highly effective at stealing nearly all types of data from an infected Android device. It categorizes and sends anything you type, drag and drop, copy to the clipboard, or even data automatically filled by password managers or exchanged between apps directly to the hackers.

The malware not only tracks device state changes and e-commerce transactions to capture financial details but also spies on messaging apps to steal conversations and monitors screen activity, uploading key events to its server for further exploitation.

fake app
Fake Telegram Premium app (Kurt "CyberGuy" Knutsson)

6 ways to stay safe from fake apps

Always download apps from official stores like Google Play or the Apple App Store to ensure security and avoid fake or harmful apps. Avoid downloading apps from random websites, pop-up ads or unofficial third-party stores as these are common sources of fake apps.

Before installing an app, ensure the developer's name matches the official company behind the app. Fake apps often copy the names of popular apps but use slightly altered spellings or extra characters. For instance, a fake might be called "PayPaal" instead of "PayPal."

Be wary of apps with few downloads and generic comments, as they may be fake. Genuine apps typically have a large number of detailed reviews over time, and be cautious of apps with five-star ratings but no specific feedback.

Be wary of app permissions: Before installing an app, review the permissions it requests. A flashlight app should not require access to your contacts or messages. If an app requests permissions that do not match its purpose, it may be a warning sign. Always reject permissions that seem excessive or unnecessary.

Ensure your device is secure by regularly updating your operating system and apps, which often include important security fixes. Enable automatic updates to always have the latest protections.

6. Secure your Android device: Protect your Android device with strong antivirus software. These tools can detect and remove malware, prevent suspicious activity, and block harmful downloads. Strong antivirus software provides an additional layer of defense, especially when browsing or downloading apps. It can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Discover my top picks for the best 2025 antivirus protection for your Windows, Mac, Android, and iOS devices.

Kurt’s key takeaway

The FireScam malware is a potent software that can steal all data on your phone, and it's challenging to detect unless you're cautious. These malicious apps cannot be distributed through legitimate app stores like the Play Store or the App Store, so they use third-party stores and fraudulent websites to spread. To safeguard yourself, the most effective strategy is to stick to verified app stores and avoid downloading from questionable sources.

Please inform us at Cyberguy.com/Contact when you last reviewed the permissions an app requested.

To receive my tech tips and security alerts, sign up for my free CyberGuy Report Newsletter at Cyberguy.com/Newsletter.

Let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

by Kurt Knutsson, CyberGuy Report

tech

Limited space on new laptop: Tips for managing photos and videos

Limited space on new laptop: Tips for managing photos and videos

tech
An electric hypercar from China successfully navigates obstacles such as spikes and potholes while autonomously driving.

An electric hypercar from China successfully navigates obstacles such as spikes and potholes while autonomously driving.

tech
Stopping robocalls on a flip phone: a guide.

Stopping robocalls on a flip phone: a guide.

tech
What is the origin of the mysterious text that appeared out of nowhere?

What is the origin of the mysterious text that appeared out of nowhere?

tech
Malware-laden emails for fake job interviews

Malware-laden emails for fake job interviews

tech
The message that your Apple ID has been disabled is a dangerous scam.

The message that your Apple ID has been disabled is a dangerous scam.

tech
Your credit score could be negatively impacted by these mistakes.

Your credit score could be negatively impacted by these mistakes.

tech
How to repurpose your old iPhone for a new purpose

How to repurpose your old iPhone for a new purpose

tech
The world is privy to the robot training techniques of a Chinese tech company.

The world is privy to the robot training techniques of a Chinese tech company.

tech
An early supernova was captured in photos by a powerful Webb Telescope.

An early supernova was captured in photos by a powerful Webb Telescope.

tech
If you suspect your computer is infected with a virus, take action immediately.

If you suspect your computer is infected with a virus, take action immediately.

tech
A prosthetic hand controlled by a soft robotic armband allows users to move their artificial limb with ease.

A prosthetic hand controlled by a soft robotic armband allows users to move their artificial limb with ease.

tech
100 million Apple users face potential data theft due to Mac malware.

100 million Apple users face potential data theft due to Mac malware.

tech
Experience the excitement of eVTOL racing.

Experience the excitement of eVTOL racing.

tech
Company that sells Americans' location data reports massive breach, claims hackers

Company that sells Americans' location data reports massive breach, claims hackers

tech
15 things to do or try first when you get a new iPhone: 1. Set up your phone with your personal information and preferences. 2. Install your favorite apps and games. 3. Connect your phone to your Wi-Fi network and other devices. 4. Take a few photos and test out the camera. 5. Set up your email and other accounts. 6. Enable security features like Touch ID or Face ID. 7. Customize your phone's settings and appearance. 8. Explore the built-in features and apps on your phone. 9. Connect with friends and family on social media. 10. Set up reminders and alarms. 11. Use the phone's built-in voice assistant. 12. Download and install new apps from the App Store. 13. Set up your phone's screen time and parental controls. 14. Enable automatic updates for your apps and software. 15. Back up your important data to cloud storage or an external hard drive.

15 things to do or try first when you get a new iPhone: 1. Set up your phone with your personal information and preferences. 2. Install your favorite apps and games. 3. Connect your phone to your Wi-Fi network and other devices. 4. Take a few photos and test out the camera. 5. Set up your email and other accounts. 6. Enable security features like Touch ID or Face ID. 7. Customize your phone's settings and appearance. 8. Explore the built-in features and apps on your phone. 9. Connect with friends and family on social media. 10. Set up reminders and alarms. 11. Use the phone's built-in voice assistant. 12. Download and install new apps from the App Store. 13. Set up your phone's screen time and parental controls. 14. Enable automatic updates for your apps and software. 15. Back up your important data to cloud storage or an external hard drive.

tech
A 5-minute tidy-up for your phone and computer.

A 5-minute tidy-up for your phone and computer.

tech
One will leave you wanting a shape-shifting AI Transformer home.

One will leave you wanting a shape-shifting AI Transformer home.

tech
Over 800,000 VW electric vehicle owners' information compromised due to software glitch

Over 800,000 VW electric vehicle owners' information compromised due to software glitch

tech
Shell's experimental big rig moves the future of trucking forward.

Shell's experimental big rig moves the future of trucking forward.

tech

You might also like