Reverse Engineering a trojan Telegram Clone November 15, 2024 on Dozheiny's blog

Telegram is one of the largest platforms where individuals can commit digital crimes without being noticed, unless someone reports their content. You can easily find related material with a simple search through channels. On channels managed by Iranians, in particular, there are sometimes disturbing contents like child abuse, violence, and more. Additionally, it can be an ideal platform for deploying trojan on a large scale.

I was looking for something on Telegram and came across an APK file named “ایرانی +18 ویدیو.apk,” which translates to “Iranian +18 video.apk” in English. My curiosity was piqued, so I decided to emulate the app. And guess what? It turned out to be a Telegram clone called Mobogram. So, I started reverse-engineering it.

Moh53n wrote a blog post discussing two or three Telegram clones and how these apps are have remote control on users. those clones was signed by these CN and OU:

Leave a Comment