Encrypted messaging app Telegram contains a Huawei tracker in its Android version, according to analysis by an Australian cybersecurity firm that has broken down the source code of popular mobile apps.
Australian cybersecurity and intelligence firm Internet 2.0 ran static analysis of popular messaging apps Telegram, Signal, Whatsapp, Facebook Messenger, Viber and Threema Work.
Using its Malcore platform, Internet 2.0 scores apps based on code analysis of the app Android as well as the permissions it asks for on the phone. Static analysis tests and examines the code without running the app, while dynamic analysis tests and evaluates as the app is running.
A tracker can be used in an app to monitor usage and engagement, for example in analytics or advertising. Trackers can be legitimate, and can help developers understand how their apps are being used and resolve potential issues.
Finding the tracker on Telegram was a surprise to the researchers, but 11 trackers were found in Rakuten’s voiceover IP (internet protocol) and messaging app Viber, which received the riskiest score.