If you downloaded either of these Android apps, delete them now. The two fake messaging apps were designed to look just like Telegram and Signal. However, Google has removed them from the Android Play Store, citing them as malicious apps capable of stealing your data.
The two apps in question are called Signal Plus Messenger and FlyGram. The former was active on the Play Store for over nine months and downloaded roughly 100 times before Google took it down. FlyGram was created by the same group and was removed back in 2021. However, both apps remain available on third-party websites.
If you’ve installed either of these fake messaging apps, Signal recommends uninstalling and making sure to unlink your account from them before doing so. Signal Plus could be used to monitor both sent and received messages and even contacts of people who have connected an infected device to their legitimate Signal or Telegram account.
This is why you should only rely on the official apps for these applications, and it is recommended that you continue to check your Connected Devices roster every few months to ensure no new, unknown devices have gained access to your account. Considering both Telegram and Signal are billed as privacy-centric messaging apps, it’s likely people will be upset if that privacy is somehow compromised.
If you did install either of the fake messaging apps to your devices, you may need to consider changing devices or at least wiping your current device and making sure to remove any unknown devices or old devices from your Signal and Telegram accounts. Despite being removed from the Google Play Store so long ago, both apps have continued to go unnoticed by the wider community. A Samsung spokesperson also recently advised me that the apps have been removed from the Galaxy Store as well, so if they’re still on your device, delete them now.
Consider this an important warning. In the future, just because an app promises more convenience or features doesn’t mean it is safe to use instead of the official app. We saw previous attempts by hackers to expose Signal users’ locations, so it isn’t unusual to see these privacy-focused apps under attack.